Blog
Strategy, systems, and security notes for operators building with AI.
69 posts published.
Setting up OpenClaw without setting up its security is half a setup. The half you're missing is the half that decides whether your AI agent stays yours.
The Karpathy autoresearch loop is now being applied to agent skill files, letting AI agents modify their own instructions, test the result, and keep only what performs better.
Anthropic revoked subscription access for OpenClaw on April 4, then temporarily banned creator Peter Steinberger's personal account on April 10 - two adverse actions in ten days from the company whose models underpin mos
Claude Mythos Preview is Anthropic's most capable AI model to date. It found thousands of previously unknown security vulnerabilities during testing. Anthropic assessed the cybersecurity risk as too high for public relea
Anthropic no longer lets OpenClaw use your Claude subscription for access. You now need a separate API key from Anthropic's developer console. The switch takes about ten minutes, costs per-use instead of a flat monthly r
Agentshub.AI launched April 6 as a no-code platform for building autonomous AI agents. Pre-built templates cover Sales, Marketing, HR, and Operations. You pick a type, assign tasks, and choose whether the agent runs on i
Claude Cowork exited research preview on April 9 and is now live for all paid Claude plans. It lets Claude operate your computer directly - clicking, typing, navigating apps - while you watch or do something else. The bi
Two major enterprise security vendors (Barracuda Networks and reco.ai) published OpenClaw risk assessments within 48 hours of each other. An academic paper simultaneously identifies OpenClaw as "the most widely deployed
Before you connect any MCP server to your AI agent, check who maintains it, how recently it was updated, what permissions it asks for, and whether anyone independent has reviewed it.
OpenClaw has disclosed six pairing-related vulnerabilities in six weeks, all variations of the same design flaw in how the platform handles permission upgrades. The latest - CVE-2026-33579 - lets a user with basic pairin
CVE-2026-33579 is the sixth pairing-related vulnerability in OpenClaw in six weeks, all caused by the same underlying design pattern in permission handling. Each one lets an attacker silently take full admin control of y
Claude Code Channels gives you Telegram and Discord connectivity through Anthropic's cloud infrastructure - no server required. OpenClaw gives you a self-hosted agent with full local system access, hundreds of integratio