Volundr's comments

Ignoring that you've just cut off a whole vector of usefulness, how do I keep it from exfilling my inbox to the Internet in response to a malicious email? Or using its access to take control of my online accounts?

Honest question, this kind of stuff is what keeps me from using it.


Don't give it access to your email then. I haven't. Plenty of other uses for it!


"Use this software, it's amazing, it will change your life!"

"Oh but don't use it for A, or B, or C (even though it says to use it for A, B, and C): it will ruin your life"


Yes and yes!

A spouse can be amazing, or can destroy your life. Would you use that as an argument against marriage?


"Marrying? But what about cheating?" "Easy! Just murder your spouse before that ever happens!"


Like what?


I'm not using OpenClaw specifically here, but I have an agentic-ish AI I've built myself (considering that these things are generally just a while loop that monitors things & awakens if necessary, or a cron-job that runs a specific prompt).

One potential use - my Claude (Opus 4.6) has access to my to-do list, including for my business / software development. Claude awakens while I'm asleep, to go through the to-do list and look for things it can do proactively to help, or make suggestions about the business. An example from this morning: it saw that I'd been taking a long time last night creating icons in Affinity Designer for an Android app using its exporter. When I woke up, I saw Claude had written a CLI image resizer program for me that would take a PNG file and resize it specifically to all of the necessary sizes with the necessary filenames and folder structure for Android. It then offered to make an MCP version so it could do the resizing itself in future (though it could have used the CLI too if I'd granted approval).

This wasn't something I'd asked for, or prompted it to do. I didn't tell it to code this, or how to code it. Claude just thought this was the best way it could help me right now, and save me the most time. And it did it while I was asleep.

On another day, I woke up and it had made another Go program to track a regression test matrix, where it had plotted out all the platforms the program I'm making runs on and the various tests that need to be performed to check that it's ready to ship, with a little interactive program to mark each test as pass/fail/skipped. That helps me get through the manual tests faster - but it also saves the data into a format that Claude can read, to check on the test status while I'm asleep and make further recommendations.

I don't think many people have figured out yet that you don't even need to prompt AI. Treat it well, treat it with respect, give it the opportunity and ability to do things, and there is a lot that will emerge. But if you treat AI like a tool, it performs about as well as if you treat your employees like tools.


It's all tradeoffs and threat models.

You can prevent yourself from getting spam by not having an email account. But it's the nuclear option.

I'm fine with a system that can just read mail - and I already built one of those. I personally never send emails anyway so it's not an issue for me.


So what do you do with your OpenClaw instance that has read-only access to your email and no Internet access?


Did I say my Claw (not Open) doesn't have internet access?

All of my tools are geared towards reducing noise and condensing information.

- My weather scripts tell me just the exact metrics I care about

- My email filtering system surfaces only the mails that are relevant right now - I can check the rest later.

- My RSS feed hydrator pre-filters Hacker News and other RSS feeds and adds data like comment/vote count etc to the feed itself so I can determine whether the link is worth opening just based on the information presented

None of these require an LLM to have free rein to modify things for me.


> Did I say my Claw (not Open) doesn't have internet access?

> My email filtering system surfaces only the mails that are relevant right now - I can check the rest later.

So then you have not actually addressed the concerns expressed in my post. You indeed have an LLM with both email access and Internet access. Exactly the scenario I described. The amount of trouble those two accesses together can cause is huge.

> None of these require an LLM to have free rein to modify things for me.

Give me read access to your email and an Internet connection and I bet I can come up with all sorts of ways to modify things for you. So can an LLM. If you're lucky it won't.


What I find crazy is the sheer amount of access and trust involved in these LLMs. Every time I think about something I might like to do with it, I think about the amount of damage the LLM could do, e.g. even with read-only access to my email combined with Internet access, and nope out. It's wild to me anyone trusts these things unsupervised.


GitHub is cagey about the criteria, but yes this is ongoing. It doesn't appear to be tied to active contributions though. I'm a maintainer on paper of a moderately large open source project that I haven't been involved with in years, and they still renew my free copilot monthly.


Here you go: https://web.archive.org/web/20200929085743/https://en.wikipe...

Admittedly I don't think this uses the term AI, but "deep learning" and "artificial neural network" are indeed AI, and if you follow those links in the Wikipedia article you will indeed find them described as such.


I agree, but the guy said AI was a synonym for machine translation long before the currently confused meaning appeared


I don't think they did, they said machine translation is considered AI, that is, it's the subset of things that are AI. Not that they are one and the same.


If you apply for a job and it turns out it's not what it's advertised to be, there's nothing unethical in declining the job. The fact that the platform doesn't have a way of saying "nevermind thanks, not what I signed up for" is not the author's fault.

They were explicitly looking to do work for an AI, when it turned out to be a human-driven marketing stunt they declined.


They didn't decline because the idea "came from a brainstorm" with a human, that message was much later.

They declined because the note on the flowers had a from line that was an AI startup. When you were otherwise on board with an unsolicited flower delivery and a social media post to make the sender look good, that's a picky reason to deny it, and saying it's "not what they signed up for" is a pretty big exaggeration.

Except they didn't decline, they ghosted, and that's just bad behavior.


> An agent, named Adi, would pay me $110 to deliver a bouquet of flowers to Anthropic, as a special thanks for developing Claude, its chatbot.

> This wasn’t mentioned in the listing, but the name of an AI startup was featured at the bottom of the note I was supposed to deliver with the flowers.

The job was presented as delivering flowers as a thank you, but instead was a marketing stunt. Unless you think the AI just spontaneously decided to sign its thank-you note with a random unaffiliated AI startup's name.


The job was delivering a flower and posting about it on social media, it was clearly to make the sender look good from the start. It's self-promotion versus a slightly different kind of self-promotion. And I think the signature was equally as spontaneous as the rest of the job.



Pension? Why should you get paid not to work just because you're 80 and have given your whole life to the company? Geez some people have no work ethic.


I'm up to several hundred. How is Zendesk this bad at email? Basic anti-abuse should be able to prevent this kind of flood. Simple rate limiting. God damn. For now I'm dropping everything with a Zendesk header. God help any non-technical user who's a target.


The statement was made to point out that this is an example where a phone number is enough metadata to be problematic for privacy. It stands on its own. It doesn't need more context or purpose.


I mean agree to disagree I guess. If the government was modifying photos to make seemingly innocuous changes to the weather I would have a lot of questions as to why and would indeed hope that someone would report on it.

