alt Hacker NewsI’m not an openclaw user or a vibe coder but - the use case of OpenClaw is “give me access to all of your data, programs and information, and I will make decisions and do stuff without asking you permission”. It’s the MO of the project. Even if it was perfectly designed, I think it would have more RCEs by the fact that the Venn diagram of use of the app and high risk areas are a perfect circle
Replies
I'm OpenClaw user and I never would do that. You can do with OpenClaw that, but it is definitely not the only use case, and I would argue that not even the one that makes sense overall. Most people want to be careful which decisions you want to outsource and which not, and you can direct the AI to work however you prefer. Personally I have developed some projects with OpenClaw, and it does have very limited permissions.
> the use case of OpenClaw is “give me access to all of your data, programs and information, and I will make decisions and do stuff without asking you permission”. It’s the MO of the project.
You say that, but you also say
> I’m not an openclaw user
Your first statement makes the second one rather obvious.
As I said some weeks ago, I've given up pointing out on HN: "Well, you could just not give it your data" only to be repeatedly told (by non-users) that the whole point is to give it all your data.
And the myth continues...