The fully autonomous agentic ecosystem makes me feel a little crazy â like all common sense has escaped. It feels like there is a lot of engineering effort being exhausted to harden the engine room on the Titanic against flooding. It's going to look really secure... buried in debris at the bottom of the ocean.
When a state sponsored threat actor discovers a zero day prompt injection attack, it will not matter how isolated your *Claw is, because like any other assistant, they are only useful when they have access to your life. The access is the glaring threat surface that cannot be remediated â not the software or the server it's running on.
This is the computing equivalent of practicing free love in the late 80's without a condom. It looks really fun from a distance and it's probably really fun in the moment, but y'all are out of your minds.
Am I missing something? Why is everyone talking about sandboxes when it comes to OpenClaw?
To me it's like giving your dog a stack of important documents, then being worried he might eat them, so you put the dog in a crate, together with the documents.
I thought the whole problem with that idea was that in order for the agent to be useful, you have to connect it to your calendar, your e-mail provider and other services so it can do stuff on your behalf, but also creating chaos and destruction.
And now, what, having inference done by Nvidia directly makes it better? Does their hardware prevent an AI from deleting all my emails?
I think the point you're making is fully correct, so consider this a devil's advocate argument...
People claim, you can use Claw-agents more safely while getting some of the benefits, by essentially proxying your services. For example on Gmail people are creating a new Google accounts, forwarding email via rule, and adding access to their calendar via Google's Family Sharing. This allows the Claw agent to read email, access the calendar, but even if you ask it to send an email it can only send as the proxy account, and it can only create calendar appointments then add you as an attendee rather than destroy/altering appointments you've made.
Is the juice worth the squeeze after all that? That's where I struggle. I think insecure/dangerous Claw-agents could be useful but cannot be made safe (for the logical fallacy you pointed out), and secure Claw-agents are only barely useful. Which feels like the whole idea gets squished.
Yes, although what I think is different in this setup here is the OpenShell gateway override, as they mention:
> NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
I think this means you get a true proxy layer with a network gateway that let's you stop in-flight requests with policies you define, so it's not their hardware but the combination of it plus OpenShell gateway and network policies.
I also think the reason they are doing this is to try and get some moat around these one-clik deployments and leverage their GPU for rent type of thing instead of having you go buy a mac mini and learn "scary" stuff (remember, the user market here is pretty strange lol)
Agreed. I think the "simplifies running OpenClaw always-on assistants safely" bit is pretty misleading. I suppose it can wreak less havoc on your local file system but, as you point out, it's access to your account credentials (Slack, email, Amazon?, etc.) that is the real danger.
You don't need to connect your calendar, email, or anything else. I am having so much fun talking to it bouncing ideas and pushing code/markdown files to GitHub (totally separate account I created for OpenClaw). On the other hand I don't have a crazy life that everything needs to be in the calendar.
I found this part interesting: "Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider."
Seems like they are doing this to become the default compute provider for the easiest way to set up OpenClaw. If it works out, it could drive a decent amount of consumer inference revenue their way
Secure installation isn't the main problem with OpenClaw. This project doesn't seem to be solving a real problem. Of course the real problem is giving an LLM access to everything and hoping for the best.
OpenClaw can be useful, in theory, unlike rolling coal. OpenClaw is what people always hoped Siri, Alexa and/or Google Assistant would be, and now it's really here. It may be expensive, has a chance to become your local Skynet and might randomly delete or leak everything that's valuable for you..but I guess this counts as growing pains.
I'm trying to put together what you could possibly mean by this -- rolling coal is fundamentally about spite. In isolation, nobody _wants_ their vehicle to spew black smoke. It only comes close to making sense in the context of another population (EV owners, typically, or more generally "the libs").
OpenClaw lets people live a bit dangerously, but fundamentally gives them something that they actually wanted. They wanted it so badly that they're willing to take what seem like insane risks to get it.
> OpenClaw lets people live a bit dangerously, but fundamentally gives them something that they actually wanted. They wanted it so badly that they're willing to take what seem like insane risks to get it.
For the first time in my career I feel so incredibly behind on this: What is open claw giving people that they want so badly? It just seems like Russian Roulette, I honestly don't see the upside
I can give you, as an example, what is driving me towards trying it.
I work as a contractor for 2 companies, not out of necessity, but greed. I also have a personal project with a friend that is dangerously close to becoming a business that needs attention. I also have other responsibilities and believe it or not - friends. Also the ADHD on top of that.
I yearn for a personal assistant. Something or somebody that will read the latest ticket assigned to me, the email with project feedback, the message from my best friend that I haven't replied for the last 3 days and remind me: "you should do this, it's going to take 5 minutes", "you have to do this today, because tomorrow you are swamped" or "you should probably start X by doing Y".
I have tried so many systems of managing my schedule and I can never stick with it. I have a feeling that having a bot "reach out", but also be able to do "reasoning" over my pending things would be a game changer.
But yes, the russian roulette part is holding me back. I am taking suggestions though
Like with any new tool/technology, you have to try it. And even then the benefits won't be obvious to you until you've played with it for a few days/weeks. With LLMs in general, it took me months before I found real good use cases.
Simple example: I tell (with my voice) my OpenClaw instance to monitor a given web site daily and ping me whenever a key piece of information shows up there.
The real problem is that it is fairly unreliable. It would often ping me even when the information had not shown up.
Another example: I'm particular about the weather related information I want, and so far have not found any app that has everything. I got sick of going to a particular web site, clicking on things, to get this information. So I created a Skill to get what I need, and now I just ask for it (verbally), and I get it.
As the GP said. This is what Siri etc should have been.
> Simple example: I tell (with my voice) my OpenClaw instance to monitor a given web site daily and ping me whenever a key piece of information shows up there.
Maybe i'm just old -- a cron job can fetch the info and push it to some notification service too, without also being a chaos agent. It seems I spend the security cost here, and in return i can save 15 minutes writing a script. Juice doesn't seem to be worth the squeeze.
But they don't just want the text of the website pushed as a notification every day. They want the bot to load the site, likely perform some kind of interaction, decide if the thing they're looking for is there, and then notify them.
> Maybe i'm just old -- a cron job can fetch the info and push it to some notification service too, without also being a chaos agent.
Here's a concrete example: A web site showing after school activities for my kid's school. All the current ones end in March, and we were notified to keep a lookout for new activities.
So I told my OpenClaw instance to monitor it and notify me ONLY if there are activities beginning in March/April.
Now let's break down your suggestion:
> a cron job can fetch the info and push it to some notification service too, without also being a chaos agent.
How exactly is this going to know if the activity begins in March/April? And which notification service? How will it talk to it?
Sounds like you're suggesting writing a script and putting it in a cron job. Am I going to do that every time such a task comes up? Do I need to parse the HTML each time to figure out the exact locators, etc? I've done that once or twice in the past. It works, but there is always a mental burden on working out all those details. So I typically don't do it. For something like this, I wouldn't have bothered - I would have just checked the site every few days manually.
Here: You have 15 minutes. Go write that script and test it. Will you bother? I didn't think so. But with OpenClaw, it's no effort.
Oh, and I need to by physically near my computer to write the script.
Now the OpenClaw approach:
I tell it to do this while on a grocery errand. Or while in the office. I don't need to be home.
It's a 4 step process:
"Hey, can you go to the site and give me all the afterschool activities and their start dates?"
<Confirm it does that>
"Hey, write a skill that does that, and notifies me if the start date is ..."
"Hey, let's test the skill out manually"
<Confirm skill works>
"Hey, schedule a check every 10:30am"
And we're done.
I don't do this all at once. I can ask it to do the first thing, and forget about it for an hour or two, and then come back and continue.
There are a zillion scripts I could write to make my life easier that I'm not writing. The benefit of OpenClaw is that it now is writing them for me. 15 minutes * 1 zillion is a lot of time I've saved.
I agree with the sentiment that there are use cases for web scraping where an agent is preferable to a cron job, but I think your particular example can certainly be achieved with a cron job and a basic parser script. Just have Claude write it.
I didn't say it's not doable. I'm not even saying it's hard. But nothing beats telling Claw to do it for me while I'm in the middle of groceries.
Put another way: If it can do it (reliably), why on Earth would I babysit Claude to write it?
The whole point is this: When AI coding became a thing, many folks rediscovered the joy of programming, because now they could use Claude to code up stuff they wouldn't have bothered to. The barrier to entry went down. OpenClaw is simply that taken to the next level.
And as an aside, let's just dispense with parsing altogether! If I were writing this as a script, I would simply fetch the text of the page, and have the script send it to an LLM instead of parsing. Why worry about parsing bugs on a one-off script?
Scripts fail. Agents exfiltrate your data because someone hacked the school's website with prompt injections. Make sure it's a choice and not ignorance of the risks.
OpenClaw has a persistent memory, stored to disk, and an efficient way of accessing it. ChatGPT and Claude both added a rudimentary "memory" feature in March but it's nowhwere as extensible or vendor neutral.
A personal assistant of some sort that is actually useful at some stuff and not just a toy?
Itâs not some huge life changing thing for me, but I also only dabble with it - certainly it has no access to anything very important to my life.
I find it incredibly useful to just have a chat line open with a little agent running on a tiny computer on my IoT network at home I can ask to do basic chores.
Last night I realized I forgot to set the permanent holiday lights to âobnoxious st parties day animationâ at around 9pm. It was basically the effect of âhey siri, please talk to the front house wled controller and set an appropriate very colorful theme for the current holiday until morningâ while I drove to pick my wife up from a friends house.
Without such a quick off-handed ability to get that done, there was zero chance I was coming home 20 minutes later, remembering I should do that, spending 10 minutes googling an appropriate preset lighting theme someone already came up with, grabbing laptop, and clicking a half dozen buttons to get that done.
Trivial use case? Yup. But those trivial things add up for a measurable quality of life difference to me.
Iâm sure there are better and cleaner ways to achieve similar - but itâs a very fast on-ramp into getting something from zero to useful without needing to learn all this stuff from the ground up. Every time I think of something around that complexity level I go âugh. Iâll get to it at some pointâ but if I spend 15 minutes with openclaw I can usually have a decent tool that is âgood enoughâ for future use to get related things done for the future.
Itâs done far more complex development/devops âlabâ stuff for me that at least proved some concepts for work later. Iâll throw away the output, but these are items that would have been put off indefinitely due to activation energy because the basics are trivial but annoyingly time consuming. Spin up a few VMs, configure basic networking, install and configure the few open source tools I wanted to test out, create some simple glue code to mock out what I wanted to try out. That sort of thing. Basically stuff I would have a personal intern do if I could afford one.
For now itâs basically doing my IT chores for me. The other night I had it finally get around to setting up some dashboards and Prometheus monitoring for some various sensors and WiFi stuff around the house. Useful when I need it, but not something I ever got around to doing myself for the past 7 years since I moved in. Knocking out that todo list is pretty nice!
The risk is pretty moderate for me. Worst case it deletes configs or bricks something it has access to and I need to roll back from backups it does not have permissions to even know exist, much less modify. It certainly has zero access to personal email, real production environments, or anything like that.
It increasingly seems like most people make a different decision after thinking through the security implications of something like this. This is me being charitable.
> In isolation, nobody _wants_ their vehicle to spew black smoke.
Honestly, when I was 12 years old and my dad floored the TDi in our Land Rover (with the diesel particulate filter deleted), it felt satisfying in a way, like the machine is allowed to be its most efficient self.
Now that I'm adult, I know that it's marginal gains for the car and terrible for the environment, but there are people that have the thinking capability of a 12 year old driving these trucks. I don't think all of them do it because of spite (though I'm sure most do).
While I don't have OpenClaw installed and not sure how I 'd use it I doubt all the hype around it is because it doesn't solve a real problem. The project grew to huge popularity organically!!!
How can that happen if it doesn't serve a need people have?
I'll ignore the bait and answer: NFTs were gambling in disguise, these claws are personal/household assistants, that proactively perform various tasks and can be genuinely useful. The security problem is very much unsolved, but comparing them to NFTs is just willfully ignorant at best
"And that's why we've created MailCoin, the best way to perform stochastic mailbox ablation with with the latest, hottest blockchain technology." - from Show HN, March 20, 2026
Itâs amusing that âclawâ is sticking around as a term for these kind of things, when it was originally a pretty transparent attempt to avoid infringing on âClaudeââŚ
If you look at the commit history, they started work on this the Saturday before announcement, so about 2 days. There are references to design docs so it was in the works for some amount of time, but the implementation was from scratch (unless they falsified the timestamps for some reason).
Lol you think these github repos just materialize as is? They probably did all the iteration and development internally and then ported it over to a github repo and made it public afterwards
No they didn't. You can see all the commits as this was built iteratively[0]. This project started development on Saturday morning and now it's here.
This is pretty common now, people love to rapidly throw together stuff and show it off a few days later. The only thing different about this from your average Show HN sloppa is that it's living under the NVIDIA Github org, though that also has 700+ repositories[1] in it so they don't appear too discerning about what makes it into the official repo.
My best guess is this was an internal hackathon project they wanted to release publicly.
Itâs impressive someone early in their career shipped this. There seems to be a stark increase in high-quality AI/data projects from early-career engineers lately and I'm super curious whatâs driving that (and honestly speaking: a little jealous).
Sometimes experience (or more so the wisdom you've accumulated over a long career) creates mental blocks / preconceptions about risks or problems you foresee, which makes it harder to approach big scary problems if you're able to anticipate all of the challenges you're likely to hit.
Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
The most meaningful technical advances I've personally seen always started out as "let's just do it, it will only take a weekend" and then 2 years later, you find yourself with a finished product. (If you knew it would take 2 years from the start, you might have never bothered)
> Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
My favorite story in CS related to this is how Huffman Coding came to be [1]
This is so incredibly accurate. I see all these side projects people are spinning up and can't help but think "Sure it might work at first but the first time i have to integrate it with something else i'll have to spend a week trying to get them to work. Hell that'll probably require an annoying rewrite and its not even worth what I get out of it"
There are four "people" that contributes (https://github.com/NVIDIA/NemoClaw/graphs/contributors) judging by the git commits and the GitHub authors, none of them seem to be novices at programming, what made you write what you wrote here?
How is Peter "early in their career"? When he sold PSPDFKit for 100mio in 2020 he had been working on it for 13 years, and before that he'd worked as an engineer.
I think this is a fundamentally flawed perspective on the role and experience of a senior. It's a managers role to coordinate junior engineers. The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
> It's a managers role to coordinate junior engineers.
Due to AI this is now my job. My company is hiring less juniors, but the ones we do hire are given more scope and coordination responsibilities since otherwise we'd just be LLM wrappers.
> The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
Many juniors believe they know what to do. And want to immediately take on yuge projects.
e.g. I decided I want to rewrite my whole codebase in C++20 modules for compile time.
Prior to AI, I wouldn't be given help for this refactor so it wouldn't happen.
Now I just delegate to AI and convert my codebase to modules in just a few days!
At that point I discovered Clang 18 wasn't really optimized for modules and they actually increased build time. If I had more experience I could've predicted using half-baked C++ features is a bad idea.
That being said, every once in a while one of my stupid ideas actually pays off.
e.g. I made a parallel AI agent code review workflow a few months ago back when everyone was doing single agent reviews. The seniors thought it was a dumb idea to reinvent the wheel when we had AI code review already, but it only took a day or two to make the prototype.
Turns out reinventing the wheel was extremely effective for our team. It reduced mean time-to-merge by 20%!
This was because we had too many rules (several hundred, due to cooperative multitasking) for traditional AI code reviewers. Parallel agents prevented the rules from overwhelming the context.
But at the time, I just thought parallel agents were cool because I read the Gas Town blog and wasn't thinking about "do we have any unique circumstances that require us to build something internally?"
Neurons that fire together, wire together. Your brain optimizes for your environment over time. As we get older, our brains are running in a more optimized way than when we're younger. That's why older hunters are more effective than younger hunters. They're finely tuned for their environment. It's an evolutionary advantage. But it also means that they're not firing in "novel" ways as much as the "kids". "kids" are more creative I think because their brains are still adopting, exploring novelty, neuron connections aren't as deeply tied together yet.
This is also maybe one of the biggest pitfalls as our society get's "older" with more old people, and less "kids". We need kids to force us to do things differently.
For me (a non-early career dev) these projects terrify me. People build stuff that just seem like enormous liabilities relying on tools mostly controlled and gate kept by someone else. My intuition tells me something is off. I could be wrong about it all, but one thing I've learned over the years is that ignoring my intuition typically doesn't end well!
Should be obvious that its tools like Claude Code. If you are a junior dev not experienced in delivering entire products but with good ideas you have incredible leverage now...
Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.
It's quite sad you are riding the coattails of Openclaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you
OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.
The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions donât work (at least I couldnât get them to work. Maybe a me problem).
So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.
Iâm not an engineer and now I realise why Iâve been struggling getting OpenClaw setup in docker. I just canât get it to work. Makes sense that it needs access to the underlying OS
Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.
I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!
The fully autonomous agentic ecosystem makes me feel a little crazy â like all common sense has escaped. It feels like there is a lot of engineering effort being exhausted to harden the engine room on the Titanic against flooding. It's going to look really secure... buried in debris at the bottom of the ocean.
When a state sponsored threat actor discovers a zero day prompt injection attack, it will not matter how isolated your *Claw is, because like any other assistant, they are only useful when they have access to your life. The access is the glaring threat surface that cannot be remediated â not the software or the server it's running on.
This is the computing equivalent of practicing free love in the late 80's without a condom. It looks really fun from a distance and it's probably really fun in the moment, but y'all are out of your minds.
Well, at least we share the same world as these people, meaning that we too will experience the consequences of their actions.
Isn't that a nice perspective
Am I missing something? Why is everyone talking about sandboxes when it comes to OpenClaw?
To me it's like giving your dog a stack of important documents, then being worried he might eat them, so you put the dog in a crate, together with the documents.
I thought the whole problem with that idea was that in order for the agent to be useful, you have to connect it to your calendar, your e-mail provider and other services so it can do stuff on your behalf, but also creating chaos and destruction.
And now, what, having inference done by Nvidia directly makes it better? Does their hardware prevent an AI from deleting all my emails?
I think the point you're making is fully correct, so consider this a devil's advocate argument...
People claim, you can use Claw-agents more safely while getting some of the benefits, by essentially proxying your services. For example on Gmail people are creating a new Google accounts, forwarding email via rule, and adding access to their calendar via Google's Family Sharing. This allows the Claw agent to read email, access the calendar, but even if you ask it to send an email it can only send as the proxy account, and it can only create calendar appointments then add you as an attendee rather than destroy/altering appointments you've made.
Is the juice worth the squeeze after all that? That's where I struggle. I think insecure/dangerous Claw-agents could be useful but cannot be made safe (for the logical fallacy you pointed out), and secure Claw-agents are only barely useful. Which feels like the whole idea gets squished.
Yes, although what I think is different in this setup here is the OpenShell gateway override, as they mention:
> NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
I think this means you get a true proxy layer with a network gateway that let's you stop in-flight requests with policies you define, so it's not their hardware but the combination of it plus OpenShell gateway and network policies.
I also think the reason they are doing this is to try and get some moat around these one-clik deployments and leverage their GPU for rent type of thing instead of having you go buy a mac mini and learn "scary" stuff (remember, the user market here is pretty strange lol)
I'm putting my dog in his crate with all my important documents, but leaving my fine china tableware in the cupboard away from the dog.
Then one day forgetting to close the door of the crateâŚ..
and then tie a tiny string from the china to a thing inside the cage because it seemed handy at the time...
Agreed. I think the "simplifies running OpenClaw always-on assistants safely" bit is pretty misleading. I suppose it can wreak less havoc on your local file system but, as you point out, it's access to your account credentials (Slack, email, Amazon?, etc.) that is the real danger.
You don't need to connect your calendar, email, or anything else. I am having so much fun talking to it bouncing ideas and pushing code/markdown files to GitHub (totally separate account I created for OpenClaw). On the other hand I don't have a crazy life that everything needs to be in the calendar.
you put the dog in crate with a COPY of your documents.
Make it two copies!
I found this part interesting: "Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider."
Seems like they are doing this to become the default compute provider for the easiest way to set up OpenClaw. If it works out, it could drive a decent amount of consumer inference revenue their way
s/revenue/data/
Secure installation isn't the main problem with OpenClaw. This project doesn't seem to be solving a real problem. Of course the real problem is giving an LLM access to everything and hoping for the best.
Running OpenClaw is the nerd equivalent of rolling coal
OpenClaw can be useful, in theory, unlike rolling coal. OpenClaw is what people always hoped Siri, Alexa and/or Google Assistant would be, and now it's really here. It may be expensive, has a chance to become your local Skynet and might randomly delete or leak everything that's valuable for you..but I guess this counts as growing pains.
Rolling coal can be useful in theory, for pissing people off. As intended.
I'm trying to put together what you could possibly mean by this -- rolling coal is fundamentally about spite. In isolation, nobody _wants_ their vehicle to spew black smoke. It only comes close to making sense in the context of another population (EV owners, typically, or more generally "the libs").
OpenClaw lets people live a bit dangerously, but fundamentally gives them something that they actually wanted. They wanted it so badly that they're willing to take what seem like insane risks to get it.
What do the two have in common?
> OpenClaw lets people live a bit dangerously, but fundamentally gives them something that they actually wanted. They wanted it so badly that they're willing to take what seem like insane risks to get it.
For the first time in my career I feel so incredibly behind on this: What is open claw giving people that they want so badly? It just seems like Russian Roulette, I honestly don't see the upside
I can give you, as an example, what is driving me towards trying it.
I work as a contractor for 2 companies, not out of necessity, but greed. I also have a personal project with a friend that is dangerously close to becoming a business that needs attention. I also have other responsibilities and believe it or not - friends. Also the ADHD on top of that.
I yearn for a personal assistant. Something or somebody that will read the latest ticket assigned to me, the email with project feedback, the message from my best friend that I haven't replied for the last 3 days and remind me: "you should do this, it's going to take 5 minutes", "you have to do this today, because tomorrow you are swamped" or "you should probably start X by doing Y".
I have tried so many systems of managing my schedule and I can never stick with it. I have a feeling that having a bot "reach out", but also be able to do "reasoning" over my pending things would be a game changer.
But yes, the russian roulette part is holding me back. I am taking suggestions though
How much would a real personal assistant cost?
> How much would a real personal assistant cost?
A lot. And wouldn't be as good or fast. I am speaking from experience.
Like with any new tool/technology, you have to try it. And even then the benefits won't be obvious to you until you've played with it for a few days/weeks. With LLMs in general, it took me months before I found real good use cases.
Simple example: I tell (with my voice) my OpenClaw instance to monitor a given web site daily and ping me whenever a key piece of information shows up there.
The real problem is that it is fairly unreliable. It would often ping me even when the information had not shown up.
Another example: I'm particular about the weather related information I want, and so far have not found any app that has everything. I got sick of going to a particular web site, clicking on things, to get this information. So I created a Skill to get what I need, and now I just ask for it (verbally), and I get it.
As the GP said. This is what Siri etc should have been.
> Simple example: I tell (with my voice) my OpenClaw instance to monitor a given web site daily and ping me whenever a key piece of information shows up there.
Maybe i'm just old -- a cron job can fetch the info and push it to some notification service too, without also being a chaos agent. It seems I spend the security cost here, and in return i can save 15 minutes writing a script. Juice doesn't seem to be worth the squeeze.
But they don't just want the text of the website pushed as a notification every day. They want the bot to load the site, likely perform some kind of interaction, decide if the thing they're looking for is there, and then notify them.
All of which can already be done programmatically without OpenClaw.
Not with a single prompt.
> Maybe i'm just old -- a cron job can fetch the info and push it to some notification service too, without also being a chaos agent.
Here's a concrete example: A web site showing after school activities for my kid's school. All the current ones end in March, and we were notified to keep a lookout for new activities.
So I told my OpenClaw instance to monitor it and notify me ONLY if there are activities beginning in March/April.
Now let's break down your suggestion:
> a cron job can fetch the info and push it to some notification service too, without also being a chaos agent.
How exactly is this going to know if the activity begins in March/April? And which notification service? How will it talk to it?
Sounds like you're suggesting writing a script and putting it in a cron job. Am I going to do that every time such a task comes up? Do I need to parse the HTML each time to figure out the exact locators, etc? I've done that once or twice in the past. It works, but there is always a mental burden on working out all those details. So I typically don't do it. For something like this, I wouldn't have bothered - I would have just checked the site every few days manually.
Here: You have 15 minutes. Go write that script and test it. Will you bother? I didn't think so. But with OpenClaw, it's no effort.
Oh, and I need to by physically near my computer to write the script.
Now the OpenClaw approach:
I tell it to do this while on a grocery errand. Or while in the office. I don't need to be home.
It's a 4 step process:
"Hey, can you go to the site and give me all the afterschool activities and their start dates?"
<Confirm it does that>
"Hey, write a skill that does that, and notifies me if the start date is ..."
"Hey, let's test the skill out manually"
<Confirm skill works>
"Hey, schedule a check every 10:30am"
And we're done.
I don't do this all at once. I can ask it to do the first thing, and forget about it for an hour or two, and then come back and continue.
There are a zillion scripts I could write to make my life easier that I'm not writing. The benefit of OpenClaw is that it now is writing them for me. 15 minutes * 1 zillion is a lot of time I've saved.
But as I said: Currently unreliable.
I agree with the sentiment that there are use cases for web scraping where an agent is preferable to a cron job, but I think your particular example can certainly be achieved with a cron job and a basic parser script. Just have Claude write it.
I didn't say it's not doable. I'm not even saying it's hard. But nothing beats telling Claw to do it for me while I'm in the middle of groceries.
Put another way: If it can do it (reliably), why on Earth would I babysit Claude to write it?
The whole point is this: When AI coding became a thing, many folks rediscovered the joy of programming, because now they could use Claude to code up stuff they wouldn't have bothered to. The barrier to entry went down. OpenClaw is simply that taken to the next level.
And as an aside, let's just dispense with parsing altogether! If I were writing this as a script, I would simply fetch the text of the page, and have the script send it to an LLM instead of parsing. Why worry about parsing bugs on a one-off script?
Scripts fail. Agents exfiltrate your data because someone hacked the school's website with prompt injections. Make sure it's a choice and not ignorance of the risks.
OpenClaw has a persistent memory, stored to disk, and an efficient way of accessing it. ChatGPT and Claude both added a rudimentary "memory" feature in March but it's nowhwere as extensible or vendor neutral.
ChatGPT had memory for a long time. Claude also had it for quite some time for paying customers.
A real smart / ai agent doing thinks for you by Delegation.
Like the Star Trek computer
A personal assistant of some sort that is actually useful at some stuff and not just a toy?
Itâs not some huge life changing thing for me, but I also only dabble with it - certainly it has no access to anything very important to my life.
I find it incredibly useful to just have a chat line open with a little agent running on a tiny computer on my IoT network at home I can ask to do basic chores.
Last night I realized I forgot to set the permanent holiday lights to âobnoxious st parties day animationâ at around 9pm. It was basically the effect of âhey siri, please talk to the front house wled controller and set an appropriate very colorful theme for the current holiday until morningâ while I drove to pick my wife up from a friends house.
Without such a quick off-handed ability to get that done, there was zero chance I was coming home 20 minutes later, remembering I should do that, spending 10 minutes googling an appropriate preset lighting theme someone already came up with, grabbing laptop, and clicking a half dozen buttons to get that done.
Trivial use case? Yup. But those trivial things add up for a measurable quality of life difference to me.
Iâm sure there are better and cleaner ways to achieve similar - but itâs a very fast on-ramp into getting something from zero to useful without needing to learn all this stuff from the ground up. Every time I think of something around that complexity level I go âugh. Iâll get to it at some pointâ but if I spend 15 minutes with openclaw I can usually have a decent tool that is âgood enoughâ for future use to get related things done for the future.
Itâs done far more complex development/devops âlabâ stuff for me that at least proved some concepts for work later. Iâll throw away the output, but these are items that would have been put off indefinitely due to activation energy because the basics are trivial but annoyingly time consuming. Spin up a few VMs, configure basic networking, install and configure the few open source tools I wanted to test out, create some simple glue code to mock out what I wanted to try out. That sort of thing. Basically stuff I would have a personal intern do if I could afford one.
For now itâs basically doing my IT chores for me. The other night I had it finally get around to setting up some dashboards and Prometheus monitoring for some various sensors and WiFi stuff around the house. Useful when I need it, but not something I ever got around to doing myself for the past 7 years since I moved in. Knocking out that todo list is pretty nice!
The risk is pretty moderate for me. Worst case it deletes configs or bricks something it has access to and I need to roll back from backups it does not have permissions to even know exist, much less modify. It certainly has zero access to personal email, real production environments, or anything like that.
It increasingly seems like most people make a different decision after thinking through the security implications of something like this. This is me being charitable.
It is possible that they don't understand the risks involved, but yes, it certainly is tapping into unmet need.
> In isolation, nobody _wants_ their vehicle to spew black smoke.
Honestly, when I was 12 years old and my dad floored the TDi in our Land Rover (with the diesel particulate filter deleted), it felt satisfying in a way, like the machine is allowed to be its most efficient self.
Now that I'm adult, I know that it's marginal gains for the car and terrible for the environment, but there are people that have the thinking capability of a 12 year old driving these trucks. I don't think all of them do it because of spite (though I'm sure most do).
And donât care about them but they endanger third parties too.
And many of them are people who should know better.
Letâs make them 100% liable
While I don't have OpenClaw installed and not sure how I 'd use it I doubt all the hype around it is because it doesn't solve a real problem. The project grew to huge popularity organically!!!
How can that happen if it doesn't serve a need people have?
Compare NFTs. For them, it depends a bit on whether you see scratching a gambling itch as a real problem.
people are trying to run as fast as they can so that they are not left behind
(I've never run openclaw but planning)
Maybe let me ask this question:
How is this any different from NFT?
I'll ignore the bait and answer: NFTs were gambling in disguise, these claws are personal/household assistants, that proactively perform various tasks and can be genuinely useful. The security problem is very much unsolved, but comparing them to NFTs is just willfully ignorant at best
NFTs can't delete your mails.
"And that's why we've created MailCoin, the best way to perform stochastic mailbox ablation with with the latest, hottest blockchain technology." - from Show HN, March 20, 2026
Now with NFTs and pixel art, memorialising each and every one of your deleted emails in a unique and non-fungible way.
âŚ
âŚ
Now I actually want to make it, and build a "card trading game" on top of it.
I think nanoclaw is architecturaly much better suited to solve this problem.
Itâs amusing that âclawâ is sticking around as a term for these kind of things, when it was originally a pretty transparent attempt to avoid infringing on âClaudeââŚ
If you look at the commit history, they started work on this the Saturday before announcement, so about 2 days. There are references to design docs so it was in the works for some amount of time, but the implementation was from scratch (unless they falsified the timestamps for some reason).
Lol you think these github repos just materialize as is? They probably did all the iteration and development internally and then ported it over to a github repo and made it public afterwards
No they didn't. You can see all the commits as this was built iteratively[0]. This project started development on Saturday morning and now it's here.
This is pretty common now, people love to rapidly throw together stuff and show it off a few days later. The only thing different about this from your average Show HN sloppa is that it's living under the NVIDIA Github org, though that also has 700+ repositories[1] in it so they don't appear too discerning about what makes it into the official repo.
My best guess is this was an internal hackathon project they wanted to release publicly.
[0] https://github.com/NVIDIA/NemoClaw/commits/main/?after=241ff...
[1] https://github.com/orgs/NVIDIA/repositories?type=all
Cash in on the claw brand recognition by having "claw, but Nvidia".
And, to be fair to them, it works. It sticks. It gets the desired reactions.
Itâs impressive someone early in their career shipped this. There seems to be a stark increase in high-quality AI/data projects from early-career engineers lately and I'm super curious whatâs driving that (and honestly speaking: a little jealous).
Sometimes experience (or more so the wisdom you've accumulated over a long career) creates mental blocks / preconceptions about risks or problems you foresee, which makes it harder to approach big scary problems if you're able to anticipate all of the challenges you're likely to hit.
Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
The most meaningful technical advances I've personally seen always started out as "let's just do it, it will only take a weekend" and then 2 years later, you find yourself with a finished product. (If you knew it would take 2 years from the start, you might have never bothered)
Naivety isn't always a bad thing.
> Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
My favorite story in CS related to this is how Huffman Coding came to be [1]
[1] https://en.wikipedia.org/wiki/Huffman_coding#History
This is so incredibly accurate. I see all these side projects people are spinning up and can't help but think "Sure it might work at first but the first time i have to integrate it with something else i'll have to spend a week trying to get them to work. Hell that'll probably require an annoying rewrite and its not even worth what I get out of it"
There are four "people" that contributes (https://github.com/NVIDIA/NemoClaw/graphs/contributors) judging by the git commits and the GitHub authors, none of them seem to be novices at programming, what made you write what you wrote here?
I think he's talking about the original claw, Open Claw
How is Peter "early in their career"? When he sold PSPDFKit for 100mio in 2020 he had been working on it for 13 years, and before that he'd worked as an engineer.
OpenClaw? The one started by a person that sold his previous company and got >$100M ? I wouldn't call him a novice either.
A lot of senior engineering problems aren't gated by experience but by being trusted to coordinate large numbers of juniors.
Now that as a junior, I can spin up a team of AIs and delegate, I can tackle a bunch of senior level tasks if I'm good at coordination.
I think this is a fundamentally flawed perspective on the role and experience of a senior. It's a managers role to coordinate junior engineers. The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
> It's a managers role to coordinate junior engineers.
Due to AI this is now my job. My company is hiring less juniors, but the ones we do hire are given more scope and coordination responsibilities since otherwise we'd just be LLM wrappers.
> The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
Many juniors believe they know what to do. And want to immediately take on yuge projects.
e.g. I decided I want to rewrite my whole codebase in C++20 modules for compile time.
Prior to AI, I wouldn't be given help for this refactor so it wouldn't happen.
Now I just delegate to AI and convert my codebase to modules in just a few days!
At that point I discovered Clang 18 wasn't really optimized for modules and they actually increased build time. If I had more experience I could've predicted using half-baked C++ features is a bad idea.
That being said, every once in a while one of my stupid ideas actually pays off.
e.g. I made a parallel AI agent code review workflow a few months ago back when everyone was doing single agent reviews. The seniors thought it was a dumb idea to reinvent the wheel when we had AI code review already, but it only took a day or two to make the prototype.
Turns out reinventing the wheel was extremely effective for our team. It reduced mean time-to-merge by 20%!
This was because we had too many rules (several hundred, due to cooperative multitasking) for traditional AI code reviewers. Parallel agents prevented the rules from overwhelming the context.
But at the time, I just thought parallel agents were cool because I read the Gas Town blog and wasn't thinking about "do we have any unique circumstances that require us to build something internally?"
OpenClaw is many things, but decidedly not "high-quality".
Neurons that fire together, wire together. Your brain optimizes for your environment over time. As we get older, our brains are running in a more optimized way than when we're younger. That's why older hunters are more effective than younger hunters. They're finely tuned for their environment. It's an evolutionary advantage. But it also means that they're not firing in "novel" ways as much as the "kids". "kids" are more creative I think because their brains are still adopting, exploring novelty, neuron connections aren't as deeply tied together yet.
This is also maybe one of the biggest pitfalls as our society get's "older" with more old people, and less "kids". We need kids to force us to do things differently.
Not 100% sure this isn't sarcasm, but I'll bite.
For me (a non-early career dev) these projects terrify me. People build stuff that just seem like enormous liabilities relying on tools mostly controlled and gate kept by someone else. My intuition tells me something is off. I could be wrong about it all, but one thing I've learned over the years is that ignoring my intuition typically doesn't end well!
> Itâs impressive someone early in their career shipped this.
Hang on, what's impressive about this?
What is impressive about this project? It seems to be similar to other projects in that space.
Should be obvious that its tools like Claude Code. If you are a junior dev not experienced in delivering entire products but with good ideas you have incredible leverage now...
because the floor is fucking insane for junior developers right now!!
Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.
It's quite sad you are riding the coattails of Openclaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you
Why do you think OpenClaw caught on much faster?
counterpoint: this assumes everyone has the same constraints. not always true
what about just using an unprivileged container and mounting a host folder to run open claw?
OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.
The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions donât work (at least I couldnât get them to work. Maybe a me problem).
So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.
Did you try Incus? Gives you VM-like experience in a container
Why not use a VM?
Why not ask an AI?
Iâm not an engineer and now I realise why Iâve been struggling getting OpenClaw setup in docker. I just canât get it to work. Makes sense that it needs access to the underlying OS
Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.
Absolutely this. I finally got it working, but the instructions and scripts for setting it up with Docker absolutely do not work.
I'm curious if people have had success running it on Cloudflare workers. I know there was a lot of hype about that a few weeks ago.
Riight, unprivileged lxc/lxd container takes 2s to set up. Thanks NV, sticking with opencode.
The problem is that it cannot access your credentials hence useless.
Containers and VMs are really annoying to work with for these kinds of applications. Things like agent-safehouse and greywall are better imo
I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!