OpenClaw can do a lot, but it shouldn't have access to your tokens
Blog post from Arcade
OpenClaw, also known as Moltbot or ClawdBot, quickly gained popularity as a personal AI agent harness, but its rapid adoption was marred by significant security concerns. Peter Steinberger, inspired by the potential of AI after leaving PSPDFKit, developed OpenClaw, which lets an agent running on a gateway-connected computer communicate with multiple users across various messaging channels. Despite its exciting potential to shape the future of personal AI assistants, OpenClaw's launch highlighted serious exposures, including publicly reachable servers and the risk of cryptocurrency theft, because the harness has full system access and can control a browser.

Addressing these security issues has so far meant running OpenClaw on a separate system with throwaway accounts, although recent development efforts focus on improving security through user and agent tool policies, sandboxing, and external runtimes such as Arcade.dev, which keep credentials isolated from the harness so that the agent acts through the runtime rather than holding the tokens itself. While improvements have been made, OpenClaw remains a tool for technically savvy early adopters; the recommendation is to operate it in an isolated environment and to remain cautious about which accounts are used within its controlled browser.