Nvidia NemoClaw (github.com)
119 points by hmokiguess 4 hours ago
Netcob 43 minutes ago
Am I missing something? Why is everyone talking about sandboxes when it comes to OpenClaw?
To me it's like giving your dog a stack of important documents, then being worried he might eat them, so you put the dog in a crate, together with the documents.
I thought the whole problem with that idea was that in order for the agent to be useful, you have to connect it to your calendar, your e-mail provider and other services so it can do stuff on your behalf, but also creating chaos and destruction.
And now, what, having inference done by Nvidia directly makes it better? Does their hardware prevent an AI from deleting all my emails?
Someone1234 23 minutes ago
I think the point you're making is fully correct, so consider this a devil's advocate argument...
People claim you can use Claw-agents more safely while getting some of the benefits, by essentially proxying your services. For example on Gmail people are creating new Google accounts, forwarding email via rule, and adding access to their calendar via Google's Family Sharing. This allows the Claw agent to read email, access the calendar, but even if you ask it to send an email it can only send as the proxy account, and it can only create calendar appointments then add you as an attendee rather than destroying/altering appointments you've made.
Is the juice worth the squeeze after all that? That's where I struggle. I think insecure/dangerous Claw-agents could be useful but cannot be made safe (for the logical fallacy you pointed out), and secure Claw-agents are only barely useful. Which feels like the whole idea gets squished.
hmokiguess 10 minutes ago
Yes, although what I think is different in this setup here is the OpenShell gateway override, as they mention:
> NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
I think this means you get a true proxy layer with a network gateway that lets you stop in-flight requests with policies you define, so it's not their hardware but the combination of it plus OpenShell gateway and network policies.
I also think the reason they are doing this is to try and get some moat around these one-click deployments and leverage their GPU for rent type of thing instead of having you go buy a mac mini and learn "scary" stuff (remember, the user market here is pretty strange lol)
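A minimal sketch of the kind of default-deny, per-request check a policy gateway like the one discussed above could apply to sandbox egress. This is an added example, not NemoClaw or OpenShell code; the rule format, the hosts and the `decide`/`audit` functions are hypothetical.

```python
import posixpath
from fnmatch import fnmatchcase
from urllib.parse import unquote, urlsplit

# Constructed rules (hypothetical format): first match wins, no match means deny.
POLICY = [
    {"host": "inference.example.com", "methods": {"POST"}, "path": "/v1/*", "action": "allow"},
    {"host": "mail.example.com", "methods": {"GET"}, "path": "/messages*", "action": "allow"},
    {"host": "api.github.com", "methods": {"GET", "POST"},
     "path": "/repos/agent-account/*", "action": "allow"},
]


def decide(method, url, policy=POLICY):
    """Return "allow" or "deny" for one outbound request from the sandbox."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        return "deny"
    # .hostname drops any userinfo, so "allowed-host@other-host" resolves to other-host.
    host = parts.hostname.lower().rstrip(".")
    # Decode and normalise before matching so encoded "../" cannot climb out of a prefix.
    path = posixpath.normpath(unquote(parts.path) or "/")
    for rule in policy:
        if (host == rule["host"] and method.upper() in rule["methods"]
                and fnmatchcase(path, rule["path"])):
            return rule["action"]
    return "deny"


def audit(requests):
    """Evaluate (method, url) pairs and return (method, url, decision) in order."""
    return [(m, u, decide(m, u)) for m, u in requests]


# Constructed sample traffic, not captured from any real agent.
SAMPLE = [
    ("GET", "https://mail.example.com/messages?unread=1"),
    ("DELETE", "https://mail.example.com/messages/42"),
    ("POST", "https://paste.example.net/upload"),
    ("POST", "https://api.github.com/repos/agent-account/%2e%2e/victim/repo/issues"),
    ("POST", "https://api.github.com/repos/agent-account/notes/issues"),
]

if __name__ == "__main__":
    for method, url, decision in audit(SAMPLE):
        print(f"{decision:5} {method:6} {url}")
```

The last sample request is allowed because the check sees only host, method and path: whatever the agent does through an endpoint the policy permits still goes through.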
cmiles74 23 minutes ago
Agreed. I think the "simplifies running OpenClaw always-on assistants safely" bit is pretty misleading. I suppose it can wreak less havoc on your local file system but, as you point out, it's access to your account credentials (Slack, email, Amazon?, etc.) that is the real danger.
rajeshrajappan 34 minutes ago
You don't need to connect your calendar, email, or anything else. I am having so much fun talking to it bouncing ideas and pushing code/markdown files to GitHub (totally separate account I created for OpenClaw). On the other hand I don't have a crazy life that everything needs to be in the calendar.
madeofpalk 22 minutes ago
I'm putting my dog in his crate with all my important documents, but leaving my fine china tableware in the cupboard away from the dog.
saidnooneever 17 minutes ago
and then tie a tiny string from the china to a thing inside the cage because it seemed handy at the time...
empiricus 42 minutes ago
you put the dog in crate with a COPY of your documents.
thenthenthen 17 minutes ago
Make it two copies!
frenchie4111 3 hours ago
I found this part interesting: "Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider."
Seems like they are doing this to become the default compute provider for the easiest way to set up OpenClaw. If it works out, it could drive a decent amount of consumer inference revenue their way
amelius 2 hours ago
s/revenue/data/
cactusplant7374 3 hours ago
Secure installation isn't the main problem with OpenClaw. This project doesn't seem to be solving a real problem. Of course the real problem is giving an LLM access to everything and hoping for the best.
blizdiddy 3 hours ago
Running OpenClaw is the nerd equivalent of rolling coal
Iolaum 2 hours ago
While I don't have OpenClaw installed and am not sure how I'd use it, I doubt all the hype around it is because it doesn't solve a real problem. The project grew to huge popularity organically!!!
How can that happen if it doesn't serve a need people have?
rcr-anti 43 minutes ago
If you look at the commit history, they started work on this the Saturday before announcement, so about 2 days. There are references to design docs so it was in the works for some amount of time, but the implementation was from scratch (unless they falsified the timestamps for some reason).
chill_ai_guy 28 minutes ago
Lol you think these github repos just materialize as is? They probably did all the iteration and development internally and then ported it over to a github repo and made it public afterwards
TeeWEE 19 minutes ago
I think nanoclaw is architecturally much better suited to solve this problem.
benzguo 32 minutes ago
Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.
chill_ai_guy 27 minutes ago
It's quite sad you are riding the coattails of OpenClaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you
wahnfrieden 30 minutes ago
Why do you think OpenClaw caught on much faster?
here2learnstuff 2 hours ago
It’s impressive someone early in their career shipped this. There seems to be a stark increase in high-quality AI/data projects from early-career engineers lately and I'm super curious what’s driving that (and honestly speaking: a little jealous).
cj 2 hours ago
Sometimes experience (or more so the wisdom you've accumulated over a long career) creates mental blocks / preconceptions about risks or problems you foresee, which makes it harder to approach big scary problems if you're able to anticipate all of the challenges you're likely to hit.
Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
The most meaningful technical advances I've personally seen always started out as "let's just do it, it will only take a weekend" and then 2 years later, you find yourself with a finished product. (If you knew it would take 2 years from the start, you might have never bothered)
Naivety isn't always a bad thing.
stuxnet79 2 hours ago
> Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
My favorite story in CS related to this is how Huffman Coding came to be [1]
austinthetaco 2 hours ago
This is so incredibly accurate. I see all these side projects people are spinning up and can't help but think "Sure it might work at first but the first time I have to integrate it with something else I'll have to spend a week trying to get them to work. Hell that'll probably require an annoying rewrite and it's not even worth what I get out of it"
embedding-shape 2 hours ago
There are four "people" that contribute (https://github.com/NVIDIA/NemoClaw/graphs/contributors) judging by the git commits and the GitHub authors, none of them seem to be novices at programming, what made you write what you wrote here?
Panda4 an hour ago
I think he's talking about the original claw, Open Claw
jjmarr 2 hours ago
A lot of senior engineering problems aren't gated by experience but by being trusted to coordinate large numbers of juniors.
Now that as a junior, I can spin up a team of AIs and delegate, I can tackle a bunch of senior level tasks if I'm good at coordination.
austinthetaco 2 hours ago
I think this is a fundamentally flawed perspective on the role and experience of a senior. It's a manager's role to coordinate junior engineers. The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
swalsh 2 hours ago
Neurons that fire together, wire together. Your brain optimizes for your environment over time. As we get older, our brains are running in a more optimized way than when we're younger. That's why older hunters are more effective than younger hunters. They're finely tuned for their environment. It's an evolutionary advantage. But it also means that they're not firing in "novel" ways as much as the "kids". "kids" are more creative I think because their brains are still adopting, exploring novelty, neuron connections aren't as deeply tied together yet.
This is also maybe one of the biggest pitfalls as our society gets "older" with more old people, and less "kids". We need kids to force us to do things differently.
dirkc an hour ago
Not 100% sure this isn't sarcasm, but I'll bite.
For me (a non-early career dev) these projects terrify me. People build stuff that just seems like enormous liabilities relying on tools mostly controlled and gatekept by someone else. My intuition tells me something is off. I could be wrong about it all, but one thing I've learned over the years is that ignoring my intuition typically doesn't end well!
lelanthran 2 hours ago
> It’s impressive someone early in their career shipped this.
Hang on, what's impressive about this?
PurpleRamen 2 hours ago
What is impressive about this project? It seems to be similar to other projects in that space.
vonneumannstan 2 hours ago
Should be obvious that it's tools like Claude Code. If you are a junior dev not experienced in delivering entire products but with good ideas you have incredible leverage now...
bpavuk 2 hours ago
because the floor is fucking insane for junior developers right now!!
quantium1628 an hour ago
counterpoint: this assumes everyone has the same constraints. not always true
the_real_cher 3 hours ago
what about just using an unprivileged container and mounting a host folder to run open claw?
tucaz 2 hours ago
OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.
The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions don’t work (at least I couldn’t get them to work. Maybe a me problem).
So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.
k_bx 2 hours ago
Did you try Incus? Gives you VM-like experience in a container
eru 2 hours ago
Why not use a VM?
bazmattaz 2 hours ago
I’m not an engineer and now I realise why I’ve been struggling getting OpenClaw setup in docker. I just can’t get it to work. Makes sense that it needs access to the underlying OS
bicepjai 2 hours ago
Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.
danhon 2 hours ago
Absolutely this. I finally got it working, but the instructions and scripts for setting it up with Docker absolutely do not work.
brightball 2 hours ago
I'm curious if people have had success running it on Cloudflare workers. I know there was a lot of hype about that a few weeks ago.
yopojones 2 hours ago
Riight, unprivileged lxc/lxd container takes 2s to set up. Thanks NV, sticking with opencode.
liuliu 2 hours ago
The problem is that it cannot access your credentials hence useless.
cowpig an hour ago
Containers and VMs are really annoying to work with for these kinds of applications. Things like agent-safehouse and greywall are better imo
yopojones an hour ago
I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!