OpenClaw
The AI that actually does things
5.0•27 reviews•1.5K followers
The AI that actually does things
5.0•27 reviews•1.5K followers
Formerly Moltbot and Clawbot, OpenClaw turns your computer into a 24/7 personal agent accessible from any chat app. Control your browser, execute shell commands, manage files, and automate workflows via WhatsApp or Telegram. Features persistent memory, full system access, local privacy, and 50+ integrations.
Agnes AI
@cruise_chen "It's fully hackable"—What does that mean? Doesn't that make it very dangerous? This statement of yours has caught my interest. LOL
@cruise_chen @shawking Can anyone explain? I am curious.
Agents with full shell + file access hit scale issues fast when permissions and secrets are too coarse, and chat ingress gets probed as soon as it is public.
Best practice is capability based allowlists enforced by a policy engine like OPA, plus sandboxed execution (namespaces seccomp or gVisor) and append only audit logs per action.
How do you authenticate each chat channel and map users to scoped capabilities, and is per tool trace replay or human approval on the roadmap?
This is really exciting. I'd love to get in touch with the team to integrate with our OSS lightweight protocol for making agent actions safer by requiring verifiable intent + provenance + evidence before high-impact tool calls (fail-closed by default). It fits super well with Moltbot's agent/tool workflow (ie. wrapping tool calls in Pi sessions with a quick verification step via SDK/JS port). Could add proactive security for things like browser, nodes, camera, or system exec without much overhead. Would love to explore an integration and happy to prototype a skill/wrapper or submit a PR if you're open.
Either way, supported and wish you all the best.
I really rarely write a review for something. Not food, not products, nothing.
But here, here I need to. It is a duty for me to say that this is the biggest leap I've ever experienced in the AI and Agentic-AI world.
My setup is simple: server, local models, and skills. That's it, this is what I'm using. Through @Moltbot I basically set up my own Jarvis in one day. It KNOWS me and is capable of continuously learning and improving. The skills are so powerful that it seems to me I wasn't really using AI before.
With a privacy-first approach and literal guidelines for me to stick to from my line of work, I am not afraid of someone getting in, as the only touchpoint has been designed to be continuously authorized by me, behind a firewall, with Moltbot working in a subnet. So yes, it is possible.
I read some comments here about the capabilities and scope, as well as human approval. It is possible and it was my concern too, at first, so I can't blame anyone inquiring this. After a quick skim of the documentation I just decided to try for myself. Set up different profiles, different capabilities and exec behavior, it will work. I would give 1000 upvotes, god, even a million if I could.
Keep up the good work, and I'm curious to know the dev roadmap for this project, everything, from the CLI to clawdhub has the capability of becoming a behemoth. Keep it hacky, though. (I lowkey want to gatekeep this)
Moltbot isn’t interesting because it “controls your computer” — that’s the easy part.
What makes it compelling is that it treats the OS as the actual execution surface, not a browser-shaped illusion of one.
This shifts AI from “assistive text generation” to delegated action, which is a real phase change.
The hard problem now isn’t capability, but governance: explicit permissions, scoped capabilities, and auditable actions.
If Moltbot can get that layer right, it’s not just another agent — it’s an operating substrate for agents.
minimalist phone: creating folders
Yesterday, I was trying to install it. But also saw how many people started complaining about attacks and hack attempts. This opens doors to new business ideas to patch the blind spots.
Mom Clock
@busmark_w_nika Me too! I finally made it with a VPS and started exploring it. So far so good.
@busmark_w_nika @justin2025 https://testclawdbot.com/ is going to fix that with 1 click VPS deployment, it also automatically loads moltbot on launch
As a heavy power user of Poke for proactive, messaging-native assistance on top of my email and calendar, I’m curious: what are some workflows where you’ve seen Clawdbot actually outperform Poke in the real world.