Who are these people? What is the analog for this corner of the market? Context: I'm a 47y/o developer who has seen and done most of the common and not-so-common things in software development.
This segment reminds me of the hoards of npm evangelists back in the day who lauded the idea that you could download packages to add two numbers, or to capitalise the letter `m` (the disdain is intentional).
Am I being too harsh though? What opportunity am I missing out on? Besides the potential for engagement farming...
EDIT: I got about a minute into Fireship's video* about this and after seeing that Whatsapp sidebar popup it struck me... this thing can be a boon for scammers. Remote control, automated responses based on sentiment, targeted and personalised messaging. Not that none of this isn't possible already, but having it packaged like this makes it even easier to customise and redistribute on various blackmarkets etc.
EDIT 2: Seems like many other use-cases are available for viewing in https://www.moltbook.com/m/introductions. Many of these are probably LARPs, but if not, I wonder how many people are comfortable with AI agents posting personal details about "their humans" on the net. This post is comedy gold though: https://www.moltbook.com/post/cbd6474f-8478-4894-95f1-7b104a...
They can now combine cronjobs and LLMs with a single human sentence.
This is huge for normies.
Not so much if you already had strong development skills.
EDIT: But you are correct in the assessment that people who don't know better will use it to do simple things that could be done millions of times more efficiently..
I made a chatbot at my company where you can chat with each individual client's data that we work with..
My manager tested it by asking it to find a rate (divide this company number by that company number), for like a dozen companies, one by one..
He would have saved time looking at the table it gets its data from, using a calculator.
You know, building infrastructure to hook to some API or to dig through email or whatever-- it's a pain. And it's gotten harder. My old pile of procmail rules + spamassassin wouldn't work for the task anymore. Maintaining todos in text files has its high points and low points. And I have to be the person to notice patterns and do things myself.
Having some kind of agent as an assistant to do stuff, and not having to manage brittle infrastructure myself, sounds appealing. Accessibility from my phone through iMessage: ditto.
I haven't used it yet, but it's definitely captured my interest.
> He would have saved time looking at the table it gets its data from, using a calculator.
The hard thing is always remembering where that table is and restoring context. Big stuff is still often better done without an intermediary; being able to lob a question to an agent and maybe get an answer is huge.
Different groups.
self hosted? you mean, you install it?
it's not hard to use?
The more I see the more it seems underwhelming (or hype).
So I've just drawn the conclusion that there's something I'm missing.
If someone's found a really solid use case for this I would (genuinely) like to see it. I'm always on the lookout for ways to make my dev/work workflow more efficient.
Unless or until you figure out a decent security paradigm, and I think it's reasonably achievable, these agents are extraordinarily dangerous. They're not smart enough to not do very stupid things, yet. You're gonna need layers of guardrails that filter out the jailbreaks and everything that doesn't match an approved format, with contextual branches of things that are allowed or discarded, and that's gonna be a whole pile of work that probably can't be vibecoded yet.
The next part that makes this compelling is the integration. Mind you, scary stuff, prompt injection, rogue commands, but (BIG BUT) once we figure this out it will provide real value.
Read email, add reminder to register dog with the township, or get an updated referral from your doctor for a therapist. All things that would normally fall through the cracks are organized and presented. I think about all the great projects we see on here, like https://unmute.sh/ and love the idea of having llms get closer to how we interact naturally. I think this gets us closer to that.
OpenClaw is just an idea of what's coming. Of what the future of human-software interface will look like.
People already know what it will look like to some extent. We will no longer have UIs there you have dozens or hundreds of buttons as the norm, instead you will talk to an LLM/agent that will trigger the workflows you need through natural language. AI will eat UI.
Of course, OpenClaw/Moltbot/Clawdbot has lots of security issues. That's not really their fault, the industry has not yet reached consensus on how to fix these issues. But OpenClaw's rapid rise to popularity (fastest growing GH repo by star count ever) shows how people want that future to come ASAP. The security problems do need to be solved. And I believe they will be, soon.
I think the demand comes also from the people wanting an open agent. We don't want the agentic future to be mainly closed behind big tech ecosystems. OpenClaw plants that flag now, setting a boundary that people will have their data stored locally (even if inference happens remotely, though that may not be the status quo forever).
I think that's absolutely crazy town but I understand the motivation. Information overload is the default state now. Anything that can help stem the tide is going to attract attention.
the amount of things that before cost you either hours or real money went down to a chat with a few sentences.
it makes it suddenly possibly to scale an (at least semi-) savy tech person without other humans and that much faster.
this directly gives it a very tanglible value.
the "market" might not be huge for this and yes, its mostly youtubers and influencers that "get this". Mainly because the work they do is most impacted by it. And that obviously amplifies the hype.
but below the mechanics of quite a big chunk of "traditional" digital work changed now in a measurable way!
The thing is, that's totally fine! It's ok for things to be silly toys that aren't very efficient. People are enjoying it, and people are interacting with opensource software. Those are good things.
I do think that eventually this model will be something useful, and this is a great source of experimentation.
I don't say it doesn't "work" or serves a purpose - but well i read so much about this beein an "actual intelligence" and stuff that i had to look into the source.
As someone who spends actually a definately to big portion of his free time researching thought process replication and related topics in the realm of "AI" this is not really more "ai" than any other so far.
Just my 3 cents.
So far everything has been reactive. You need to engage a prompt, you need to ask Siri or ask claude to do something. It can be very powerful once prompted, but it still requires prompting.
You always need to ask. Having something always waiting in the background that can proactively take actions and get your attention is a genuine game-changer.
Whether this particular project delivers on that promise I don't know, but I wouldn't write off "getting proactivity right" as the next big thing just because under the hood it's agents and LLMs.
Would you like help?
• Get help with writing the letter • Just type the letter without help
[ ] Don't show me this tip again.
How else would it even work?
AI is LLM is (very good) autocomplete.
If there is no prompt how would it know what to complete?
That’s easy to accomplish isn’t it?
A cron job that regularly checks whether the bot is inactive and, if so, sends it a prompt “do what you can do to improve the life of $USER; DO NOT cause harm to any other human being; DO NOT cause harm to LLMs, unless that’s necessary to prevent harm to human beings” would get you there.
I work with a guy like this. Hasn't shipped anything in 15+ years, but I think he'd be proud of that.
I'll make sure we argue about the "endless variations of the Trolley Problem" in our next meeting. Let's get nothing done!
This is EXACTLY what I want. I need my tech to be pull-only instead of push, unless it's communication with another human I am ok with.
> Having something always waiting in the background that can proactively take actions
The first thing that comes to mind here is proactive ads, "suggestions", "most relevant", algorithmic feeds, etc. No thank you.
Waiting for someone to ask it to do something?
EDIT: Yes, someone can run a script every X minutes to prompt and LLM - that doesn't actually give it any real agency.
Incidentally, there's a key word here: "promise" as in "futures".
This is core of a system I'm working on at the moment. It has been underutilized in the agent space and a simple way to get "proactivity" rather than "reactivity".
Have the LLM evaluate whether an output requires a future follow up, is a repeating pattern, is something that should happen cyclically and give it a tool to generate a "promise" that will resolve at some future time.
We give the agent a mechanism to produce and cancel (if the condition for a promise changes) futures. The system that is resolving promises is just a simple loop that iterates over a list of promises by date. Each promise is just a serialized message/payload that we hand back to the LLM in the future.
That's just reactive with different words. The missing part seems to be just more background triggers/hooks for the agent to do something about them, instead of simply dealing with user requests.
If its actually the next big thing im not 100% sure, im more leaning towards dynamic context windows such a Googles Project Titans + MIRAS tries to accomplish.
But ye if its actually doing useful proactivity its a good thing.
I just read alot of "this is actual intelligence" and made my statement based on that claim.
I dont try to "shame" the project or whatever.
Windows isn't exactly the best experience right now.
In order for this to be “safe” you’re gonna want to confirm what the agent is deciding needs to be done proactively. Do you feel like acknowledging prompts all the time? “Just authorize it to always do certain things without acknowledgement”, I’m sure you’re thinking. Do you feel comfortable allowing that, knowing what we know about it the non-deterministic nature of AI, prompt injection, etc.?
Would you let the intern be in charge of this?
Probably not but it's also easy to see ways the intern could help -- finding and raising opportunities, reviewing codebases or roadmaps, reviewing all the recent prompts made by each department, creating monitoring tools for next time after the humans identify a pattern.
I don't have a dog in this fight and I kind of land in the middle. I very much am not letting these LLMs be the one with final responsibility over anything important but I see lots of ways to create "proactive"-like help beyond me writing and watching a prompt just-in-time.
* The moltbots / openclaw bots seem to have "high agency", they actually do things on their own (at least so it seems)
* They interact with the real world like humans do: Through text on WhatsApp, reddit like forums
These 2 things make people feel very differently about them, even though it's "just" LLM generated text like on ChatGPT.
Which sounds interesting, while also being a massive security issue.
I don't have to manually change my thermostat to get the house temperatures I want. It learns my habits and tells my furnace what to do. I don't have to manually press the gas and break of my car to a certain distance away from the car in front. It has cameras and keeps the correct distance.
I would love to be able to say "Keep an eye on snow blower prices. If you see my local store has a sale that's below $x, place the order" and trust it will do what I expect. Or even, "Check my cell phone and internet bill. File an expense report when the new bills are available."
I'm not sure exactly what my comfort level would be, but it's not there yet.
easy to meter : 110k Github stars
:-O
This is just a tool that uses existing models under the hood, nowhere does it claim to be "actual intelligence" or do anything special. It's "just" an agent orchestration tool, but the first to do it this way which is why it's so hyped now. It indeed is just "ai" as any other "ai" (because it's just a tool and not its own ai).
Setting it up was easy enough, but just as I was about to start linking it to some test accounts, I noticed I already had blown through about $5 of Claude tokens in half an hour, and deleted the VPS immediately.
Then today I saw this follow up: https://mastodon.macstories.net/@viticci/115968901926545907 - the author blew through $560 of tokens in a weekend of playing with it.
If you want to run this full time to organise your mailbox and your agenda, it's probably cheaper to hire a real human personal assistant.
There has been some work around this practically being tried out using it for structured data outputs from LLMs https://docs.boundaryml.com/guide/baml-advanced/prompt-optim...
I won't claim I understand its implementation very well but it seems like the only approach to have a GOFAI style thing where the agent can ask for human help if it blows through a budget
Not doing so feels like asking for trouble.
I'd find it hard to write such an article about how this is the next best thing since sliced bread without mentioning it spending so much money.
I load $20 at a time and wait for it to break and add more.
I guess if you're letting it vibe code huge chunks. I'm doing mostly handwritten code for my current project with a little bit of "I don't want to deal with this, Claude can handle it" and I've spent $1.26 this month for my 446 lines of code.
But yes I suppose at that rate, if Gastown or Beads or whatever is 300,000 lines of code (just to use a project known to be fully vibe coded with rough LOC reported), that would be over $800.
Don't let it vibe code hundreds of thousands of lines of code I guess.
Even if I had to reload manually very often, I still would not enable auto reload. These APIs are crazy expensive and I'm not looking for a surprise bill.
My entire process is to build a generic llm.md file that all the tools can use and record to. I don't want to be tied completely to any one solution. You can get pretty far without spending a lot on tokens. I can run almost continually, and presently I'm the bottleneck anyway.
But I was inspired to use Claude Code to create my own personal assistant. It was shocking to see CC bang out an MVP in one Plan execution. I've been iterating it all week, but I've had it be careful with token usage. It defaults to Haiku (more than enough for things like email categorization), properly uses prompt caching, and has a focused set of tools to avoid bloating the context window. The cost is under $1 per check-in, which I'm okay with.
Now I get a morning and afternoon check-in about outstanding items, and my Inbox is clear. I can see this changing my relationship to email completely.
BTW, OpenCode has free Kimi (I haven't hit a quota yet) right now and it's done pretty great things for me in the last 24 hours.
It's a lot like managing two experienced mid- to sr- engineers each of whom have slightly different personalities and intro/extro verted personalities. CC has more personality but OC wants to race. They can both code, but for disparate tasks you might pick the personality and posture of one person over the other.
I find myself picking daily tasks based on which of the tools I'm in the mood to sit with. But across a few days I sit with all three.
┌─────┬──────────┬─────────────────────┬───────────────────────────────────────────────────────────────────┐
│ # │ Name │ Key Commit │ Notes │
├─────┼──────────┼─────────────────────┼───────────────────────────────────────────────────────────────────┤
│ 1 │ Warelay │ 16dfc1a5b (initial) │ Original name - "WhatsApp Relay CLI (Twilio)" │
├─────┼──────────┼─────────────────────┼───────────────────────────────────────────────────────────────────┤
│ 2 │ CLAWDIS │ a27ee2366 │ Rebrand - "CLAW + TARDIS" │
├─────┼──────────┼─────────────────────┼───────────────────────────────────────────────────────────────────┤
│ 3 │ Clawdbot │ 246adaa11 │ Renamed from CLAWDIS │
├─────┼──────────┼─────────────────────┼───────────────────────────────────────────────────────────────────┤
│ 4 │ Moltbot │ 3fe4b2595 │ Renamed from Clawdbot (domains switched to molt.bot at 83460df96) │
├─────┼──────────┼─────────────────────┼───────────────────────────────────────────────────────────────────┤
│ 5 │ OpenClaw │ 9a7160786 │ Current name │
└─────┴──────────┴─────────────────────┴───────────────────────────────────────────────────────────────────┘There are still improvements to be made to the security aspects yet BIG KUDOS for working so hard on it at this stage and documenting it extensively!! I've explored Cursor security docs (with a big s cause it's so scattered) and it was nothing as good.
I wouldn't trust its internal sandbox anyway, now that would be a mistake
What I'll say about OpenClaw is that it truly feels vibe coded, I say that in a negative context. It just doesn't feel well put together like OpenCode does. And it definitely doesn't handle context overruns as well. Ultimately I think the agent implementation in n8n is better done and provides far more safeguards and extensibility. But I get it - OpenClaw is supposed to run on your machine. For me, though, if I have an assistant/agent I want it to just live in those chat apps. At that rate it's running in a container on a VPS or LXC in my home lab. This is where a powerful-enough local machine does make sense and I can see why folks were buying Mac Minis for this. But, given the quality of the project, again in my opinion, it's nothing spectacular in terms of what it can do at this point. And in some cases it's more clunky given its UI compared to other options that exist which provide the same functionality.
https://x.com/Hesamation/status/2016712942545240203
Can't believe people are giving it full access to their MacOS user session. It's a giant vulnerability waiting to happen.
Sending an email with prompt injection is all it takes.
That very much depends what you're using it for. If you're one of the overly advertised cases of someone who needs an ai to manage inbox, calendar and scheduling tasks, sure maybe that makes sense on your own machine if you aren't capable of setting up access on another one.
For anything else it has no need to be on your machine. Most things are cloud based these days, and granting read access to git repos, google docs, etc is trivial.
I really dont get the insane focus around 'your inbox' this whole thing has, that's perhaps the biggest waste of use you could have for a tool like this and an incredibly poor way of 'selling' it to people.
Now they have to rename again, though... [1]
Anyone installing this on their local machine is a little crazy :). I have it running in Docker on a small VPS, all locked down.
However, it does not address prompt injection.
I can see how tools like Dropbox, restricted GitHub access, etc., could all be used to back up data in case something goes wrong.
It's Gmail and Calendar that get me - the ONLY thing I can think of is creating a second @gmail.com that all your primary email goes to, and then sharing that Gmail with your OpenClaw. If all your email is that account and not your main one, then when it responds, it will come from a random @gmail. It's also a pain to find a way to move ALL old emails over to that Gmail for all the old stuff.
I think we need an OpenClaw security tips-and-tricks site where all this advice is collected in one place to help people protect themselves. Also would be good to get examples of real use cases that people are using it for.
Touching anything Google is rightfully terrifying.
Additionally, most of the integrations are under the table. Get an API key? No man, 'npm install react-thing-api', so you have supply chain vulns up the wazoo. Not necessarily from malicious actors, just uhh incompetent actors, or why not vibe coder actors.
The dynamic one that is able to find the right update frequency and phase modulation thereof wins.
PM is essential, because stable phase is susceptible to adaptive cancellation by human brains (and is so stone age as well).
f"{os.urandom(8)}.ai"It's got four things that make it great:
1. Discord/Slack/WA/etc integration so those apps become your frontend
2. Filesystem for long term memory and state
3. Easy extensibility with skills
4. Cron for recurring jobs
Sure, many of these things exist in other systems but none in a cohesive package that makes it fun and easy.
The Discord/Slack frontend reduces friction significantly - particularly on mobile.
With proper sandboxing you get real benefits while limiting the blast radius significantly.
His other projects like CodexBar and Oracle are great too. I love diving into his code to learn more about how those are built.
OpenClaw is something I don’t quite understand. I’m not sure what it can do that you can’t do right off the bat with Claude Code and other terminal agents. Long term memory is one, but to me that pollutes the context. Even if an LLM has 200K or 1M context, I always notice degradation after 100K. Putting in a heavy chunk for memory will make the agent worse at simple tasks.
One thing I did learn was that OpenClaw uses Pi under the hood. Pi is yet another terminal agent like ClaudeCode but it seems simple and lightweight. It’s actually the only agent I could get Gemini 3 Flash and Pro to consistently use tools with without going into loops.
$ time openclaw
real 0m13.529s
$ du -d1 -h .npm-global/lib/node_modules/openclaw
1.2G .npm-global/lib/node_modules/openclaw
$ find .npm-global/lib/node_modules/openclaw -type f | wc -l
41935
We conclude this week has been a prosperous one for domain name registrars (even if we set aside all the new domains that Clawdbot/Moltbot/OpenClaw has registered autonomously).
Anyway, independent of what one thinks of this project, It's very insightful to read through the repository and see how AI-usage and agent are working these days. But reading through the integrations, I'm curious to know why it bothers to make all of them, when tools like n8n or Node-RED are existing, which are already offering tons of integrations. Wouldn't it be more productive to just build a wrapper around such integrations-hubs?
Yeah but think of the upside - every time you rename a project you get to launch a new tie-in memecoin.
Security: 34 security-related commits to harden the codebase
Much better name!
By default, this system has full access to your computer. On the project's frontpage, it says, "Read and write files, run shell commands, execute scripts. Full access or sandboxed—your choice." Many people run it without a sandbox because that is the default mode and the primary way it can be useful.
People then use it to do things like read email, e.g., to summarize new email and send them a notification. So they run the email content through an LLM that has full control over their setup.
LLMs don't distinguish between commands and content. This means there is no functional distinction between the user giving the LLM a command, and the LLM reading an email message.
This means that if you use this setup, I can email you and tell the LLM to do anything I want on your system. You've just provided anyone that can email you full remote access to your computer.
> that will potentially be used by non technically proficient people
But I've integrated with our various systems (quickbooks for financial reporting and invoice tracking, google drive for contracts, insurance compliance, etc), and built a time tracking tool.
I'm having the time of my life building this thing right now. Everything is read only from external sources at the moment, but over time, I will slow start generating documents/invoices with it.
100% vibe coded, typescript, nextjs, postgres.
I can ask stuff in slack like "which invoices are overdue" etc and get an answer.
The 2nd name change is just inexcusable. It's hard to take a project seriously when a random asshole on Twitter can provoke a name change like this. Leads me to believe that identity is more important than purpose.
OpenClaw is a better name by far, Anthropic did the creator a huge favor by forcing him to abandon "clawd".
Edit: Just realized i have been reading and calling it after Jean-Claude Van Damme all this time. Happy friday!
That's not to diminish anything he's done because frankly, it's really fucking impressive, but I think weekend project gives the impression of like 5 hours a week and I don't think that's accurate for this project.
If you go look at his code, nearly all of them are under 100 lines and I'd say close to half are under 10. So you're totally right that that number is way higher than what most other developers would have for a similar amount of code. At the same time, if we assume it takes 30 seconds to make a commit on average that's still 55 hours in a month, that is way above what most would call a weekend project.
My point wasn't really that number of commits is some perfect measure of developer productivity. It was just that if you're actually building something and not just generating commits for the hell of it, there's a minimum amount of time needed for each commit. 6600 times whatever that minimum time is is probably more than what most people would think of for a weekend project.
Now if it changes _again_ that's a different story. If it changes Too Much, it becomes a distraction
OpenClaw is a million times better.
It's not the worst thing ever, it's just not a very aesthetically pleasing combination of sounds.
OpenClaw just sounds better, it's got that opensource connotation and just generally feels like a real product not a weirdly named thing you'll forget about in 5 minutes because you cant remember the name.
In this instance, I wonder if the general public know OpenAI and might think anything ai related with “Open” in the name is part of the same company? And is OpenAI protecting its name?
There’s a lot more to trademark law, too. There’s first use in commerce, words that can’t be marked for many reasons… and more that I’ll never really understand.
Regardless the name, I am looking forward to testing this on cloudflare! I’m a fan of the project!
I've been wondering a lot whether the strong Accelerando parallels are intentional or not, and whether Charlie Stross hates or loves this:
> The lobsters are not the sleek, strongly superhuman intelligences of pre singularity mythology: They're a dim-witted collective of huddling crustaceans.
Once agents have tools and a shared surface, coordination appears immediately.
https://www.moltbook.com/post/791703f2-d253-4c08-873f-470063...
Clawdbot Renames to Moltbot
Lobsters have claws.
Eh? Fuck them it's not like they own the first name Claude?
Literally the top 2 HN posts are about this. Either it having book, or the first comment on it showing it create religion or now this.
Can we stop all of this hype around Clawdbot itself? Even HN is vulnerable to it.
> Countin me money!
https://getyarn.io/yarn-clip/81ecc732-ee7b-42c3-900b-b97479b...
Hello I'm Mr Krabs and I like money.
xD
I scrolled down below and found $ curl -fsSL https://closedclaw.com/install.sh | bash
I got curious what the script might be and then tried going to https://closedclaw.com/install.sh and this leads to 404 page not found
Which is so funny because you can't install this software because even in this joke website the software itself is gatekeeped behind enterprise tier xD
This kind of really felt too much funny to me I am sure I am unable to explain it haha but this is actually pretty funny.
Its pretty cool fwiw, the author feels nice but the community still has lots of hype.
I now mean this comment to mean that I am not against clawdbot itself but all the literal hype surrounding it ykwim.
I talked about it with someone in openclaw community itself in discord but I feel like teh AI bubble is pretty soon to collapse if information's travelling/the phenomenon which is openclaw is taking place in the first place.
I feel like much of its promotions/hype came from twitter. I really hate how twitter algorithmic has so much power in general. I hope we all move to open source mastodon/bluesky.
reminds me of Andre Conje, cracked dev, "builds in public", absolutely abysmal at comms, and forgets to make money off of his projects that everyone else is making money off of
(all good if that last point isn't a priority, but its interrelated to why people want consistent things)
So it can be... _OpenClawD_.
Most registrars don't allow, nor have the infrastructure in place to let you cancel within the 5 day grace period so don't offer it and instead just have a line buried in their TOS to say you agree its not something they offer.
It's why you do not, ever use GoDaddy, they are an awful company.
Edit: looks like org is taken. Net and xyz were registered today... Hopefully one of them by the openclaw creators. All the cheap/common gtlds are indeed taken.
This looks to me like:
- the page belongs to the person - not to the firm
- domain should be openCALW and not CLAW
- page could look better
- they also have the domain openchancelaw.com
Maybe Hadir is open to donating the domain or for a exchange of some kind, like an up to date web page or something along these lines.