Comment by eric-burel
3 hours ago
Before using make sure you read this entirely and understand it: https://docs.openclaw.ai/gateway/security Most important sentence: "Note: sandboxing is opt-in. If sandbox mode is off" Don't do that, turn sandbox on immediately. Otherwise you are just installing an LLM controlled RCE.
There are still improvements to be made to the security aspects yet BIG KUDOS for working so hard on it at this stage and documenting it extensively!! I've explored Cursor security docs (with a big s cause it's so scattered) and it was nothing as good.
It's typically used with external sandboxes.
I wouldn't trust its internal sandbox anyway, now that would be a mistake
Yeah, keep it in a VM or a box you don't care about. If you're running it on your primary machine, you're a dumbass even if you turn on sandbox mode.
The thing is running it onto your machine is kinda the point. These agents are meant to operate at the same level - and perhaps replace - your mail agent and file navigator. So if we sandbox too much we make it useless. The compromise being having separate folders for AI, a bit like having a Dropbox folder on your machine with some subfolders being personal, shared, readonly etc. Running terminal commands is usually just a bad idea though in this case, you'd want to disable that and instead fine tune a very well configured MCP server that runs the commands with a minimal blast radius.
1 reply →
Cloudflare jumped on the hype and shipped a worker: https://blog.cloudflare.com/moltworker-self-hosted-ai-agent/ I guess that would be an easy and secure way to run it.
Now they have to rename again, though... [1]
[1] https://openclaw.ai/blog/introducing-openclaw
[dead]