I don’t think there’s anything wrong with running Openclaw. What is way too brave for my taste is giving it access to accounts with your personal data, or the filesystem in your computer. That’s a disaster waiting to happen.
I run it in an isolated server, and it doesn’t have access to my data - if it goes tits up, it deletes unimportant stuff only. If anyone gets access to the credentials in it, it’s a bunch of budget-limited API keys, so they can spend all of $4 on openrouter. Maybe the riskiest bit is its Google account. I went with the approach of giving it its own Google account, so that it can create docs and calendar events and then add me, rather than getting access to my Google account. But then again… That account has no payment info, nothing that I would be mega worried if it got leaked…
Sure, it might limit the usefulness a bit, but I think installing something like this is only acceptable if you sandbox it and don’t let it access valuable information. Going full mad scientist on something as “alpha” as this, letting it run wild with your info is nuts.
I went with the approach of giving it its own Google account, so that it can create docs and calendar events and then add me, rather than getting access to my Google account.
I wonder though: if Google can link this account to you as its actual owner, I wonder if there’s a risk if the bot does something against the ToS?
I work with some data sciencetists and ml engineers on web projects. They might be good at etls, fine tuning etx, but dont let them touch anything with a public.layer or infra constraints.
I don’t get all the downvotes, unless people misinterpreted your comment and assume you’re using it for medical devices. It’s open source and can be run with locally hosted, open weight models, so no harm in playing around with it as long as you don’t give it access to anything too risky.
Because i want to work on meaningful things that benefit people directly.
Because i want to unterstand the capabilities and limitations of openclaw-like agents. LLMs aren’t going away, better be proactive and learn what the hype is about.
How you deal with critical vulnerabilities on your system? Do you work with high confidential data and have openclaw os those system? How many medical devices did you have to secure from mass incursion?
How could any person with some programing literacy event thinking about installing openclaw. A malware ridden by critical bugs
I don’t think there’s anything wrong with running Openclaw. What is way too brave for my taste is giving it access to accounts with your personal data, or the filesystem in your computer. That’s a disaster waiting to happen.
I run it in an isolated server, and it doesn’t have access to my data - if it goes tits up, it deletes unimportant stuff only. If anyone gets access to the credentials in it, it’s a bunch of budget-limited API keys, so they can spend all of $4 on openrouter. Maybe the riskiest bit is its Google account. I went with the approach of giving it its own Google account, so that it can create docs and calendar events and then add me, rather than getting access to my Google account. But then again… That account has no payment info, nothing that I would be mega worried if it got leaked…
Sure, it might limit the usefulness a bit, but I think installing something like this is only acceptable if you sandbox it and don’t let it access valuable information. Going full mad scientist on something as “alpha” as this, letting it run wild with your info is nuts.
I wonder though: if Google can link this account to you as its actual owner, I wonder if there’s a risk if the bot does something against the ToS?
I hope you have backups of your Google account…
She’s the head AI Safety Expert for Meta. The field might as well be labeled AI Misunderstander.
I work with some data sciencetists and ml engineers on web projects. They might be good at etls, fine tuning etx, but dont let them touch anything with a public.layer or infra constraints.
you answered your own question here
I program medical devices for a living and I have openclaw and nanobot running at home. AMA.
I don’t get all the downvotes, unless people misinterpreted your comment and assume you’re using it for medical devices. It’s open source and can be run with locally hosted, open weight models, so no harm in playing around with it as long as you don’t give it access to anything too risky.
Why?
Because i want to work on meaningful things that benefit people directly.
Because i want to unterstand the capabilities and limitations of openclaw-like agents. LLMs aren’t going away, better be proactive and learn what the hype is about.
here’s hoping you are just trolling, because people with that kind of approach to medical devices should be in prison.
The poster clearly states one is at work and one is privately at home though?
Ah, doing your best to break the Therac-25’s record, I see.
That’s why unit and integration tests shouldn’t be written by Copilot.
How you deal with critical vulnerabilities on your system? Do you work with high confidential data and have openclaw os those system? How many medical devices did you have to secure from mass incursion?
Firewalled VM with no personal or professional data on it. So no.
What’s your emergency “break glass” policy?
Is it a bottle of whiskey?