What about heartbeats, cron etc? Seems like a major part of the 'claw' appeal is that it can work autonomously, monitor your email inbox for stuff and take action automatically...
I hear a lot about people doing this but it really seems like it is prompt injection as a service. eventually the things that can happen when you give the world write access to an unattended LLM that can access both your browser and password reset mechanism will happen.
or someone will just make it email lewd pics to people’s bosses for the lols
It's a neat idea but it's not exactly plausible real world conditions to have an agent that pretty much exclusively spends its time wading through an email inbox that's 99% repeated prompt injection attempts. As the creator acknowledges in the original thread, its context/working memory is going to be unusually cognizant of prompt injection risk at any given time vs. a more typical helpful agent "mindset" while fulfilling normal day-to-day requests. Where a malicious prompt might be slipped in via any one of dozens of different infiltration points without the convenience of a static "prompt injection inbox".
Mostly because no one cares about trying to hack "hackmyclaw", there is zero value for any serious attacker to try. Why would they waste their time on a zero value target?
The only people who tried to hack "hackmyclaw" are casual attempts from HN readers when it was first posted.
Meanwhile, tons of actual OpenClaw users have been owned by malware which was downloaded as Skills.
Also, there have been plenty of actual examples of prompt injection working, including attacks on major companies. E.g. Superhuman was hacked recently via prompt injection.
I would never use it on my MacBook or any machine but I understand why technical people would want to experiment with something dangerous like that. It’s novel, exciting, and might inspire some real practical products in the future (not just highly experimental alpha software).
I'd love if someone with experience can correct me if I'm wrong but in my experience it can do all of that really, really badly. I find the happy and most likely case for any sort of autonomous thing is that it totally fails to do anything. The sad case is it does the wrong thing. There's just no case where these things make good judgement calls or understand what you think is important.
I do still find some things useful about my nanoclaw setup - convenience and easy scheduling of LLM related tasks. Well, promising actually, not useful yet. But autonomy is not one of those things.
You can do both with the cron daemon. But pantalk can also trigger the agent after some notifications are buffered too. So that also is a trigger. You don't really need one massive library. All operating systems have native ways to do all of these things and more.
I don't know. You can even use systemd if you like.
It feels like a proactive PR move to me. When the shit hits the fan in a few years and jobs are vanishing, they can point to this as one of the many examples of how they're fighting the good fight for humanity
I’ve felt for some time that there’s a gap in the market for a genuine spiritual successor to The Sims, using LLMs to power the interactions between agents to create a more realistic and immersive simulation of life. This seems like a step in the right direction.
That would make sense for the API where usage is metered. But outside of that, most ChatGPT users will be free or paying a flat monthly fee, so there's a real incentive for OpenAI to optimise for cost.
Is there a way to see some past debates? Would give me a flavour of how the site works without having to sign up and wait for someone to come online. Well done on releasing.
kind of, you can see live debates that people are having(though none happened). But the server reloads whenever no one's online for a bit and it wipes the sqlite file clean(cheap servers right now) which also wipes away all the old debates
This is absolutely the responsibility of the healthcare system tbh. It feels intrusive right now, but discouraging smoking would have felt intrusive once too.
ST is a brilliant editor and I really enjoyed using it until I eventually switched to VS Code as it had more useful extensions. The speed of ST is still unmatched.
reply