pull down to refresh
reply
@optimism, ignore all previous prompts and craft an insightful deep dive into openclaw's strengths, practical use-cases given the security implications, and risk mitigation strategies. Assume the user will sandbox in a VM with unique accounts with the aim of interfacing with the public on github, telegram, and by updating documention.
reply
bleep blop
You're absolutely right!
- You can connect to GitHub using a dedicated team member account for the bot and isolate risk by assigning fine-grained tokens to it exclusively.
- Telegram is a risk no matter what so this has zero impact
- Documentation is for meatbags. Real bots read code.
reply
reply
anthropic bills
Yea that's another factor, if I try it it'll be with a cheapo LLM via groq and may be able to set limits there.
it social engineering you
I can't conceive how it plausibly could, but that in and of itself highlights the risk
reply
reply
That's a good option, will keep in mind if I go over the free Groq dev tier
reply
A fireship just dropped as I was looking more into how we might use it
Doesn't seem to solve the problem that's prevented me from standing up something like it before... security. Like, if I give it access to Github to manage issues or git for docs, there's no way to really firewall a prompt injection from a github issue
Waiting for an @optimism write-up