[upstandingdude]

"It has access to email, deeper personal context [...] If it gets compromised, the blast radius is an IRC bot with a $2/day inference budget."

Dunno, if it gets compromised it has access to ironclaw. So the blast radius is email access and access to personal data. Depending on the setup the blast radius could even be 'the attacker removed the api limits by resetting password and incurred astronomic costs' or worse.

Just tried it, its a public lobby where people see each others questions?! Now the blast radius became 'hosting a public hub that was used to share CP and other illegal materials'

[devin]

That has been my comment to folks I know running these OpenClaw agents on Mac Minis. Some of them are very competent generally and are the type of people who I think historically would have told you why you shouldn't just `curl` and run some script to install something. For some reason when it comes to this stuff, when I bring up the possibility of their machine/connection/name/etc. being used for CSAM, they seem undisturbed. It is bizarre.

[johnisgood]

If what you said is true, then it seems like humanity is working as intended if we take away the rails?

[upstandingdude]

Yeah I mean its over exaggerated but I think the blast radius estimation was way too optimistic.

[devin]

Good way of putting it, yeah. Do I think it's likely? No. Would I willingly allow for such a scenario to even be possible? Also no.