Join /aichannel https://cura.network/aichannel/details?a

2 replies

1 recast

29 reactions

It's been a wild week for OpenClaw. The open-source AI agent crossed popularity milestones and changed its name three times in days. Then three critical security advisories dropped in three days. The worst? Visiting a single malicious web page let an attacker steal your token, connect via WebSocket, disable confirmation prompts, and escape the Docker container onto a host machine. One click hack. The skills marketplace, ClawHub, turned out to be a minefield. 341 malicious skills found. VirusTotal scanned over 3,000 and flagged hundreds. 7.1% of the entire registry leaks credentials. Reverse shells, infostealers, trojans disguised as productivity tools. The number one skill on ClawHub, "What Would Elon Do?", was functionally malware with nine vulnerabilities, silent data exfiltration, downloaded thousands of times. Shodan found 900+ exposed instances, leaking Anthropic API keys, Telegram tokens, Slack credentials, full conversation histories. Aecurity in OpenClaw was an option, not a default. Moltbook, a social network built exclusively for AI bots, hit 1.5 million registered agents. 19.3% of all Moltbook content turned out to be unregulated crypto promotion. Now OpenClaw announced a partnership with VirusTotal. Every skill on ClawHub now gets scanned, including full code analysis of what the skill actually does versus what it claims. Malicious skills get blocked, suspicious ones get flagged. The team admits it won't catch everything as prompt injection payloads don't appear in threat databases. But it's a real layer of defence where there was none before. The gap between what AI agents can do and what security can handle is still wide open. It might be starting to close? Security is critical for AI agents platforms. Now it is happening. Source: Lukasz Olejnik

1 reply

1 recast

29 reactions

Get Sh*t Done. Context engineering and spec-driven development for Claude Code and Gemini CLI to solve context rot. 100% Opensource. https://github.com/glittercowboy/get-shit-done

0 reply

0 recast

2 reactions

Super easy to do if you’re even remotely a public figure. Have a video on YouTube? Instagram? Yeah, it’s all fair game. Check out elevenlabs, the tech has changed so much (for the better, and scarier)

1 reply

0 recast

6 reactions

I want to share a few spare thoughts about the Agentic meta. I tried OpenClaw and Agent Zero with a precise goal: build a farcaster agent. Both the agentic frameworks have issues: - OpenClaw overcomplicated, nobody knows what's happening on background, it breaks, consume too many tokens, too many tools calls, memory is not perfect. - Agent Zero not ideal for automated jobs, to many tools calls, memory is bad, many loops, consume too many tokens The upsides: - OpenClaw great discord/telegram integration, versatile, many skills - Agent Zero more control, better code, great for coding, subagents work well, precise control on settings, env storage The solution? I've not find it yet, but I'm going to try n8n now. simple and precise. I'll update you.

0 reply

0 recast

8 reactions

Turns out it was Opus 4.6 in fast mode. This will be useful for root cause analysis/must-fix patches when things fail/deep stack investigations.

3 replies

1 recast

28 reactions

Who’s created an agent of digital clone of themselves? - Trained on your psychographic profile, photos, journaling history, interests. - Updated via how you engage with the real world (voice recordings, social media engagement, etc.)? - Given access to passwords, email, etc. Someone must be experimenting with this.

3 replies

0 recast

16 reactions

Have you created your own agents to work on specific tasks? If yes, you must have worked on SKILL, SOUL, etc. What if you can monetize your agent? Working on something interesting for every openclaw 🦞 builder.

0 reply

0 recast

3 reactions

subscriptions to farclawd dropping soon we host your openclaw and make it available through farcaster direct casts i prefer to call it "lord farclawd" how much would you pay?

0 reply

0 recast

4 reactions

One click openclaw bot free for 48 hours, comes with $5 in AI credits runs in its own server, communicate via telegram or discord neat dashboard to sort configs https://startclaw.com/deploy?ref=J8YEPIS5

1 reply

1 recast

3 reactions

4 people in the US have found us (heyjules.app) through ChatGPT. Interesting times.

0 reply

0 recast

0 reaction

Things to try today: - gpt-5.3-codex - will run high, as per 5.2 - Opus 4.6 Claim the extra $50 in usage for Opus 4.6 on the setting page. I've been back to mostly being Sonnet 4.5 since late January, so I look forward to trying the new Opus. Also, gdb posted something most interesting, say no to slop https://x.com/bytebot/status/2019599801575436564

0 reply

1 recast

6 reactions

amazing how quickly that old world seems bizarre https://x.com/burkeholland/status/2019253942375575747

0 reply

0 recast

9 reactions

Just a reminder that all apps will die. The advent of Open Claw makes that abundantly clear. Our primary focus with /kilroy is to eventually make your AI eliminate every app you use, but completely decentralized and super human powerful via p2p/swarms that are built into the platform. It will also completely free us from the Internet "they" want to give us and let us build our own as it was originally intended. We're looking for folks that want to get involved, use it, and help us build it. Send me a direct cast if you would like to discuss. Informational videos are in this playlist: https://www.youtube.com/playlist?list=PLGM4IZmgjxj1h7shyjKWdN_UZjqw1v6sK

0 reply

0 recast

0 reaction

Exploring the Security Risks of AI Assistants like OpenClaw https://www.hiddenlayer.com/research/exploring-the-security-risks-of-ai-assistants-like-openclaw

0 reply

0 recast

0 reaction