I like the idea of OpenClaw a lot, it's a technology that I would want in my life. But in its current form it's kinda chilling and I cannot see it become safe to use anytime soon.
It seems to me many infosec best practices that have been built over decades have been forgotten in the last few months like nothing happened. People really do give this kind of software full system access, plus access to their emails, their private chats, most likely their passwords too and who knows what else via plugins. I couldn't really imagine this happening one year ago.
I'm 100% confident that any state actor and cybercrime groups are currently heavily focusing their research on these tools. You compromise the right person and you can access all kinds of critical information, it would basically be the same as having some remote control software on their system with full permissions.
And everyone on the hype train seems to be absolutely unaware of this. Maybe I'm missing something, but all of this feels so odd to me.
I think a lot of them are aware of it, but also grifters, and hoping to profit off of it before the bomb goes off so that they can claim ignorance and escape blame. New and powerful thing that people don't fully understand becomes fertile ground for grifters to sow their sins. Like when Marie Curie discovered radium and everyone and their mother started forcing it into products, including toothpaste and "medicine", within like 5-10 years.