As OpenClaw explodes in popularity, its security issues are increasingly coming to light. Whether it’s recent official updates tightening permissions or government security advisories, everyone is paying more attention to 🦞 security. This time, let’s start from SlowMist’s minimalist security practice guide and analyze the new paradigm of attack and defense in the Agent era.
A source code analysis of 68 releases (v0.1.0 → v2026.3.1), tracing an AI product’s real journey from 0 to 1.
In November 2025, a project called warelay quietly came into existence. Four months later, it became OpenClaw—an AI Agent platform supporting 8 messaging channels, native apps on three platforms, and sub-agent collaboration.
Ever asked your AI agent to modify its own config, only to watch it break itself? Then you spent an hour fixing it? Ever wanted a multi-agent Discord setup but couldn’t get the config right no matter how many tutorials you read?
After several days of intense work, I finally finished botdrop.app—a tool for running OpenClaw on Android—and now I have time to fill in some gaps. Have you been finding new ways to play with your 🦞 lately? I feel like this wave has truly spread everywhere; even friends who normally don’t care about tech are asking me about it.
The promised second tutorial is here. In just a few days since my last update, Moltbot has renamed itself again—the pace of the AI era is truly relentless. Even faster than the name changes is the wave sparked by moltbook, with all kinds of agent-oriented products emerging left and right, opening my mind to the early shape of a new era. But let’s not get into that today; let me first fill in the gaps from before and share my experience and insights on using OpenClaw through Telegram and Discord.
With Clawdbot’s rebranding to @moltbot, the initial excitement has started to fade. I wonder how many people have drifted back to their daily lives, and how many have stayed behind as “new species” left by the receding tide, ready to explore this new continent.
It feels like AI enthusiasts have been on an emotional roller coaster these past few days:
First, they heard about something called Clawdbot—looks like a lobster?—and thought: What is this? Why is everyone sharing it? Why don’t I have it yet? So they frantically read articles and ordered a Mac mini. Then came the analysis posts saying this thing is extremely dangerous, has way too many permissions, absolutely terrifying—uninstall it now! So everyone nervously uninstalled, shut down, wiped their systems, and listed their machines on secondhand markets (maybe the 🦞 got sold too, haha).
Clawdbot suddenly blew up recently, which I find both surprising and inevitable. I’ve been using Clawdbot for three weeks now, and I’ve been incredibly excited every single day because it genuinely feels like science fiction has become reality. Friends who follow me probably noticed I was pretty hyped those first few days—and those who chatted with me definitely felt it, haha.
If you’re someone actively exploring the AI era, you should have your own Discord Server.
I call my Discord Server the “Doomsday Cabin.” The name might sound a bit dramatic, but it’s genuinely my most relied-upon work environment right now. “Doomsday” is a mental anchor I set for myself—the imagery helps me imagine being in the quiet of a wilderness, having one place I know still works, storing everything important to me. No matter how noisy or fast-changing things get outside, I still have a quiet place to continue working, thinking, and iterating.
You wouldn’t wire $50,000 through a random website you found via a Google ad. Yet that’s exactly what crypto wallets ask you to do every day—except when it goes wrong, there’s no bank to reverse the transaction, no fraud department to call, no chargeback to file.