undefined | Better HN

0 pointsvessenes3d ago0 comments

It seems almost impossible. I spent the weekend comparing nanoclaw to openclaw - nanoclaw is a slightly more secure version - containerized filesystem basically - and very popular.

It's a) harder to setup, b) less functional out of the box, c) has almost exactly the same security risk surface -- either you hook it up to your email, comms, documents and give it API tokens, or you don't. If you do -- well, at least it can't delete your hard drive without turning full evil and looking for red pill type exploits that break the container -- but, it still has the same other security dynamics.

Anyway, employing a very suspicious watcher that's hooked to the shell and API calls is probably the way forward. Can that thing be reasoned with / tricked?

0 comments

Tylast3d ago

I'm on my 3rd "claw" variant (currently https://github.com/moltis-org/moltis). I had the same issues you had. Moltis is better (at the moment).

j / k navigate · click thread line to collapse

0 pointsvessenes3d ago0 comments

It seems almost impossible. I spent the weekend comparing nanoclaw to openclaw - nanoclaw is a slightly more secure version - containerized filesystem basically - and very popular.

Anyway, employing a very suspicious watcher that's hooked to the shell and API calls is probably the way forward. Can that thing be reasoned with / tricked?