Sign in Subscribe
3 min read

OpenClaw Is Not Too Dangerous. It Is Too Powerful to Ignore.

OpenClaw Is Not Too Dangerous. It Is Too Powerful to Ignore.







There has been a lot of noise recently about OpenClaw. Most of it centres around how insecure it is, how risky it could be, and how people should not be running it unless they really know what they are doing.


After actually running it myself, I think that framing is misplaced.


Not because OpenClaw is harmless. It is not.

But because it is already at the point where not using something like this is a bigger risk for most businesses than using it carefully.



This is no longer “future AI”



OpenClaw is not a demo. It is not a research toy. It is not a sci-fi agent wandering your machine.


It is a general purpose AI control layer that you can run today, locally, on hardware you already own or can buy for next to nothing.


I set it up on an isolated Mac mini, followed the prompts, acknowledged the security warnings, capped model budgets, and had a fully working agent system running in a very short amount of time. No cloud complexity. No exotic infrastructure. Just deliberate setup.


This is the key point many critics miss. OpenClaw behaves like early Docker or early Kubernetes. Powerful primitives, very explicit warnings, and a clear assumption that you understand what you are deploying.


That is not recklessness. That is honesty.



The security warnings are not hidden. They are the product.



During onboarding, OpenClaw does not pretend this is safe by default software. It does the opposite.


It clearly states that:


  • This is still beta software
  • Tools can read files and run actions
  • Poor prompts can cause unsafe behaviour
  • You should not expose it to the internet casually
  • You should use allowlists, least privilege, and sandboxing
  • You should audit security regularly



This is not a system trying to sneak past you. It is a system saying “you are entering the machine room”.


Most of the insecurity we are seeing is not a platform problem. It is an operator maturity problem.



What I actually built with it



I linked OpenClaw to Telegram and created a bot called Butler Brad. That bot is now my personal assistant.


It can:


  • Alert me when a specific person emails me
  • Monitor things I care about without me checking inboxes all day
  • Manage tasks and surface them in chat
  • Run subtasks and even fix its own processes
  • Set up cron jobs
  • Operate entirely inside my own environment



I then linked it to my Google Workspace, including calendar, contacts, and documents, and created a dedicated sub agent to handle those requests.


If an email looks like a lead or a follow up, that agent can:


  • Add relevant context to Google Docs
  • Update Google Sheets
  • Draft or send replies
  • Handle scheduling
  • Keep everything organised



There is a disclaimer baked in that this is for me. It is not impersonating me publicly. It is not acting autonomously without boundaries.


This is not scary. It is useful.



Sub agents are the part everyone is misunderstanding



The real power of OpenClaw is not “an AI that can do anything”. It is the ability to break responsibility into scoped agents.


One agent monitors email.

One agent handles calendar and contacts.

One agent does notifications.

One agent executes system tasks.


Each one has limited permissions. Each one has a defined role. Each one can be disabled independently.


That is how grown up systems are designed.


People talking about “AI running wild on your machine” are reacting to the idea, not the architecture.



A Mac mini for 100 quid is enough



This is the part I think people are sleeping on.


You do not need a GPU server.

You do not need an enterprise budget.

You do not need a team.


You can buy a second hand Mac mini for around 100 quid, isolate it, lock permissions down properly, and run a general tech AI that works for you all day.


For a business, this is a force multiplier.

For a one man band, this is unfair leverage.


If you are running a company and you are still manually triaging email, context switching all day, forgetting follow ups, or reacting late to things, you are competing against people who will not have those problems for much longer.



Yes, you need to be responsible



This is not a call to wire it into everything blindly.


You should:


  • Scope permissions tightly
  • Keep secrets out of reach
  • Use allowlists
  • Audit regularly
  • Run it locally or in controlled environments
  • Treat it like infrastructure, not a toy



But that is true of every powerful tool we already rely on.



If you do not do this now, you will fall behind



This is the uncomfortable bit.


OpenClaw and systems like it are ready now. Not next year. Not after another hype cycle. Now.


People who adopt this early will:


  • Move faster
  • Miss fewer opportunities
  • Have more leverage per person
  • Operate with less cognitive load
  • Outperform teams that are still doing everything manually



This is not about replacing people. It is about amplifying them.


If you are a founder, an operator, or a solo business owner and you are not experimenting with this right now, others are. They will overtake you.


Carefully built personal AI infrastructure is no longer optional. It is becoming table stakes.


And OpenClaw is one of the first tools that makes that obvious.



Published by:

Brad

Member discussion