[river_otter]

The emails go through quickbooks/accounting software, Clawbolt doesn't have any direct email client. Use of tools is on a gradual permission basis like Claude code, and Clawbolt doesn't have any general code access or web access. I think you highlight an important point though that prompt injection continues to be a hazard of AI agent use, though tools continue to be developed to fight against it. The goal is to lock Clawbolt down as much as possible to help users avoid the security hazards of systems like openclaw, but this is definitely something that we'll need to watch and be careful about!

[whattheheckheck]

Thanks for the response, I have family in the construction industry and if i introduce a tool like this to them and they get hacked or some dumb stuff happen they will not be happy. But its very cool and I think a lot of the tickytacky computer work does get in the way of the business so this seems like a good direction to go