As OpenClaw explodes in popularity, its security issues are increasingly coming to light. Whether it’s recent official updates tightening permissions or government security advisories, everyone is paying more attention to 🦞 security. This time, let’s start from SlowMist’s minimalist security practice guide and analyze the new paradigm of attack and defense in the Agent era.
A source code analysis of 68 releases (v0.1.0 → v2026.3.1), tracing an AI product’s real journey from 0 to 1.
Introduction # In November 2025, a project called warelay quietly came into existence. Four months later, it became OpenClaw—an AI Agent platform supporting 8 messaging channels, native apps on three platforms, and sub-agent collaboration.
Ever asked your AI agent to modify its own config, only to watch it break itself? Then you spent an hour fixing it? Ever wanted a multi-agent Discord setup but couldn’t get the config right no matter how many tutorials you read?
After several days of intense work, I finally finished botdrop.app—a tool for running OpenClaw on Android—and now I have time to fill in some gaps. Have you been finding new ways to play with your 🦞 lately? I feel like this wave has truly spread everywhere; even friends who normally don’t care about tech are asking me about it.
The promised second tutorial is here. In just a few days since my last update, Moltbot has renamed itself again—the pace of the AI era is truly relentless. Even faster than the name changes is the wave sparked by moltbook, with all kinds of agent-oriented products emerging left and right, opening my mind to the early shape of a new era. But let’s not get into that today; let me first fill in the gaps from before and share my experience and insights on using OpenClaw through Telegram and Discord.
With Clawdbot’s rebranding to @moltbot, the initial excitement has started to fade. I wonder how many people have drifted back to their daily lives, and how many have stayed behind as “new species” left by the receding tide, ready to explore this new continent.
It feels like AI enthusiasts have been on an emotional roller coaster these past few days:
First, they heard about something called Clawdbot—looks like a lobster?—and thought: What is this? Why is everyone sharing it? Why don’t I have it yet? So they frantically read articles and ordered a Mac mini. Then came the analysis posts saying this thing is extremely dangerous, has way too many permissions, absolutely terrifying—uninstall it now! So everyone nervously uninstalled, shut down, wiped their systems, and listed their machines on secondhand markets (maybe the 🦞 got sold too, haha).
Clawdbot suddenly blew up recently, which I find both surprising and inevitable. I’ve been using Clawdbot for three weeks now, and I’ve been incredibly excited every single day because it genuinely feels like science fiction has become reality. Friends who follow me probably noticed I was pretty hyped those first few days—and those who chatted with me definitely felt it, haha.
If you use voice-to-text often, you already know the problem: Whisper transcripts are usually not ready to ship. You get filler words, no punctuation, and sentences that run forever. You can either fix it manually, or you accept something that looks like a raw dump.
macOS 26 Tahoe ships with a 3B parameter language model that Apple calls the Foundation Model. It normally hides in the system powering Writing Tools, Siri, and other features, but you can actually pull it out, wrap it as an OpenAI-compatible API, and plug it into any tool that supports the OpenAI format.
