Posted by brdd 1 day ago

A sane but bull case on Clawdbot / OpenClaw (brandon.wang)
226 points | 361 comments | page 2
tsxxst 8 hours ago|
The fact that the author gave unrestricted 2FA access to the model is really scary. It’s way easier to phish an AI than a human.
afro88 6 hours ago||
Same. Immediately I thought why not have clawdbot ask you for the 2FA? That way you at least kind of know what security-protected action it's trying to take and can approve it
swiftcoder 2 hours ago||
The problem is baked in - he gives it access to iMessage, which is where all the sms-based 2fac codes end up. There is no way to prevent it reading 2fac codes if you want to give it full text message access.
chasd00 7 hours ago||
Just to be upfront, I've gone from one of the naysayers to a modest fan after spending some time using Claude Code on nights/weekends with tasks that I know I can do and how long it would take me in order to get an idea of productivity gains possible with the tool. So far, the money I've spent was worth the results I got.

However, it's shocking to me the blinders people have with these things. Security is supposed to be front and center in our industry with everything we build and do. I thought that lesson had been learned and learned well over the past 30 or so years of life on the web. People are going to get seriously burned and the only answer to them is going to be "well you should have known better". For a fishing analogy, Barracuda are circling just out of visual range biding their time but the strike is inevitable.

If you're using these agents, spend some time attacking them and see what you can get them to do that you thought would be impossible by default. If you find something, say something; we're basically having to re-teach the whole Internet basic information security again.

causal 9 hours ago||
I'm still trying to understand what makes this project worthy of like 100K Github stars overnight. What's the secret sauce? Is it just that it has a lot of integrations? Like what makes this so much more successful than the ten thousand other AI agent projects?
zozbot234 9 hours ago||
It's set up to wake up periodically and work autonomously for you based on the broad instructions it's been given. Compared to the usual coding agent workloads, this makes it a lot more "assistant"-like.
causal 6 hours ago|||
That makes sense. I've thought for a while that having an agent that takes initiative rather than reacting to inputs could be really useful, and I imagine it takes a lot of trial and error to make it take just the right amount of initiative.
PurpleRamen 8 hours ago||||
So people are hyped because they don't know cron?
azan_ 7 hours ago||
Yeah and people were hyped for Dropbox because they did not know rsync and ftp.
mh2266 6 hours ago|||
Dropbox wasn't given access to your bank account 2fa. There should maybe be slightly more gatekeeping around installing software that unironically advertises itself as RCE: https://docs.openclaw.ai/gateway/security#node-execution-sys...
nickthegreek 4 hours ago||
There is a large amount of gatekeeping called installing and configuring this software. It is not a trivial task that normies can easily accomplish. You have to walk past so many red flags that you would rightly be called an idiot if you lost anything of value.

I'll be more concerned for the public when it's a double click. Currently it's just a way for techies to fafo. And I do enjoy that there are many people out there messing around with it. It is closer to the 90s experimental net mindset than I've seen lately. It is also fun that it's not a big corpo release. It is not often quick and dirty small team software blows up this big and gets noticed by the world at large.

PurpleRamen 7 hours ago|||
You forgot cron. rsync without the periodic poll is not a good Dropbox-replacement.
consumer451 4 hours ago|||
Four months ago, I was playing with basically the same framework to explore the idea of "consciousness," using Claude Agent SDK as the harness and Opus 4.5 as the LLM.

I was thinking: wake up every hour, look at some webcams and the weather forecast (senses, change), maybe look at my calendar, maybe read my personal emails for important things, proactively chat with me for work or just fun via email invites.

I played with it for a bit, then got back to "serious work."

I am such an idiot for not seeing the broader value. One thing is that I was sure some multi-billion dollar company was already doing this, and I am super paranoid about the Lethal Trifecta.

fwip 1 hour ago||
Don't worry, you're not an idiot. This is not gonna pan out.
defgeneric 8 hours ago|||
It could be a symptom of how fragmented workflows are, which itself seems to be due to providers adding friction to guard against being integrated away by some larger platform.
fassssst 7 hours ago||
It’s easy to use
verdverm 6 hours ago||
this is typically good for new users and toy projects

this doesn't look like something enterprises would lean in to (normally, but we are in a new kind of hype period, one without clear boundaries between mini-cycles, where popularity trumps many other qualities)

627467 2 hours ago||
So, what prevents sites from doing dynamic pricing for bots checking sites for prices?
siliconc0w 8 hours ago||
It doesn't make sense to 'build trust' with a bot. Today it works but tomorrow someone may push a malicious 'skill', a dependency may be compromised, or someone eventually figures out the right prompt injection incantation to remotely drain your accounts.
dmje 8 hours ago||
What strikes me here is the extreme noise. I mean, I’m 50+ so you know, but even so, this shit doesn’t make sense. To be living a life where you’re checking messaging groups for 100+ messages a day, needing some kind of bot to manage your (obviously extremely traffic’d) texts incoming, to be watching tens of prices of stocks, products, meeting, what, tens of people a day (as an introvert…)…

Holy shit, fuck that. Slow the bejesus down and live a little. Go look at the sky.

zkmon 6 hours ago||
I don't think a lot of people worry about having a bot to manage their chats, appointments, travel, hotel booking etc. A lot of us just worry about the tasks in our task queue. Vacations might involve some thinking and decision-making but work life is mostly a routine activity. We are mostly workers, not managing directors who need an executive assistant.
olalonde 10 hours ago||
Why is everything in lowercase?
yoyohello13 6 hours ago||
He doesn’t even have time to open his freezer door. Why should he waste time on inefficient capital letters.
anonymous908213 9 hours ago|||
sam altman types like this, so this is what is cool to the agi believers.
thousand_nights 9 hours ago|||
this is cultural appropriation, i learned to type like this on irc in the 90s

also i don't want to be mistaken for a phone poster

anonymous908213 8 hours ago||
There are two notable differences between when the AGI-posters do it and when IRC-posters do it. AGI-posters extend their lowercase posting to what would normally be seen as more formal communication. They also tend to stick to using punctuation despite the lowercase. IRC posters usually keep it to informal communications, where it's a sign of casualness. That said, there is overlap, and it's of course not possible to instantly distinguish someone as a Sama devotee because of how they type; but it is clear that a lot of people in that bubble are intentionally adopting the style.
Der_Einzige 9 hours ago|||
Maybe he writes in lower case because he targets "lower ages"?

https://www.bbc.com/news/articles/cz6lq6x2gd9o

lmf4lol 9 hours ago|||
Funny thing is that his agent is perfectly capable of using upper- and lowercase correctly. Judging from his screenshots..
BoredPositron 10 hours ago|||
Maybe he is a fan of the Bauhaus movement.

>> we write everything in small letters, as we save time. also: why 2 alphabets, if one achieves the same? why capitalize, if you can't speak big?

whynotmaybe 9 hours ago||
Almost reaching the "Why use many word when few do trick?"
gessha 9 hours ago|||
Almost works for Neanderthal poetry [1]

[1] https://www.explodingkittens.com/products/poetry-for-neander...

hackeraccount 8 hours ago|||
sense no make
throwaway132448 10 hours ago||
It’s how you signal you’re part of the AI inner circle/cult.
rwoerz 9 hours ago||
so, that's how i can show my full devotion to the agi?
browningstreet 4 hours ago||
I've tried twice now to install it.. once in a docker container, and the second time in a droplet. Couldn't get any of the setup stuff configured properly, couldn't get any of the API keys registered, couldn't get the Telegram bot approved either.

Some of the commands seem to have drifted from the documentation. The token status freaks out too and then... whatever, after 2 hours I just gave up. And it only cost me $1.19 in Anthropic API tokens.

grugdev42 9 hours ago||
There is only so much damage a human assistant can do.

But an AI assistant can do so much more damage in a short space of time.

It probably won't go wrong, but when it does go wrong you will feel immense pain.

I will keep low productivity in exchange for never having to deal with the fallout.

velcrovan 9 hours ago||
Human beings are also liable for the results of their actions.
bob1029 9 hours ago|||
Regarding anything code/data:

  git commit 
  aws ec2 create-snapshot --volume-id ...
  git reset --hard
  git clean -fdx
  aws ec2 create-volume --snapshot-id ...
  robocopy "C:\backup" "D:\project" /MIR 
  ...
I agree there are a lot of things outside the computer that are a lot more difficult to reverse, but I think that we are maybe conflating things a bit. Most of us just need the code and data magic. We aren't all trying to automate doing the dishes or vacuuming the floors just yet.
wyldfire 4 hours ago|
Would it be any more comforting from a privacy standpoint to have the models capable of doing this running on the device itself instead of the cloud?
fph 4 hours ago|
...yes?