This is a submission for the OpenClaw Writing Challenge
Context
This is going to be short post. The goal is for me is understanding OpenClaw and to see why people use OpenClaw. I did quick research on OpenClaw and I will detail on what I find as a bare bone and why you should not consider OpenClaw yet.
Disclaimer: Take this post as a grain of salt since there is a very good chance that there is something I did not mention about OpenClaw whether it is good or bad since this is researched on a surface level and is based on what I have seen so far.
With that said, to get things out of the way really quick:
I know this sounds contradictory since you read the title to not use OpenClaw from a guy who never uses OpenClaw.
I don't hate it. From what I have seen, I think OpenClaw is a great tool for developers and is accessible for developers getting into AI Agents. However, seeing it rise quite quickly into popularity, it does raise concerns for me and I will tell you why. First, we need to know what OpenClaw is.
Okay, What is OpenClaw?
Based on their official website, it's an AI that does things. In other words, it's literally Jarvis from Iron Man. It can read/write emails for you, open browsers, build and use your GitHub to host a website...pretty much anything a human can do using a computer. If you can do a task on a computer, OpenClaw can do it.
On paper, this sounds legendary. An AI agent that can do anything?
Heck Yea!
Gone with the days where we use GitHub Copilot to do programming tasks.
However, if you think about it, it sounds very scary since OpenClaw can do anything. Even though it is scary, there are positives that I can give credit to OpenClaw.
Good Side of OpenClaw
Here are some good things I heard about OpenClaw!
1. Open Source!
From the name itself "OpenClaw", one would assume it is Open Sourced, which it is! Their repository has over 300k Stars and a lot of people are contributing to it. It's great to see it open source because it gives people transparency, especially when it's an AI agent that can do anything. Puts away the stress if you are worried about a program doing malicious things. Feel free to visit their repository for more details!
🦞 OpenClaw — Personal AI Assistant
EXFOLIATE! EXFOLIATE!
OpenClaw is a personal AI assistant you run on your own devices It answers you on the channels you already use. It can speak and listen on macOS/iOS/Android, and can render a live Canvas you control. The Gateway is just the control plane — the product is the assistant.
If you want a personal, single-user assistant that feels local, fast, and always-on, this is it.
Supported channels include: WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, iMessage, IRC, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, Nostr, Synology Chat, Tlon, Twitch, Zalo, Zalo Personal, WeChat, QQ, WebChat.
Website · Docs · Vision · DeepWiki · Getting Started · Updating · Showcase · FAQ · Onboarding · Nix · Docker · Discord
New install? Start here: Getting started
Preferred setup: run openclaw onboard in your terminal
OpenClaw Onboard guides you step by step through…
2. Easy to set up!
With being open source, they also have documentation for setting up OpenClaw! It's free, can host it locally, and you are open to use OpenRouter to add your API keys into OpenClaw, so you can manage your token usage.
3. Partnered with VirusTotal for Security!
On their page, they mentioned that they recently partnered with VirusTotal for security. They mention the importance of it, but the thing that is important is sensitive information, which they covered on their blog:
Feel free to read more about it here: https://openclaw.ai/blog/virustotal-partnership
What's the issue?
If OpenClaw is in a good spot at the moment, what's the issue?
The issue isn't the progress they are making. Don't get me wrong, right now, they are making good progress on fixing the issues, it's open source, and taking security seriously. It comes down to these things in my opinion that stops me from using OpenClaw.
1. An AI that does...anything
When it comes into being a programmer, you will have to take some risks such as npm installing packages to your computer and other things you need. I am conformable with this since I am aware of what I am installing.
I am currently not conformable with an AI agent doing the tasks and doing things in the background that I am not aware of. I like to be aware of things of what the AI agent is doing. Now, you may be asking:
What's different from GitHub Copilot CLI?
I might not be using it to the fullest potential, but the way I used it, it is more sand boxed. By that, I mean that I used the CLI in my Visual Studio Code only. It's more focused and If I asked anything, the minimum it will do is asking permission to search documentation online. I like this simplicity and aware of what the agent is doing and asking for permission every time.
When you have OpenClaw, you can ask to do a task, but it will do whatever it takes to complete that task. Since it is just "out of the open" on your computer, you have to be careful on how you prompt something to the AI Agent, which doesn't sit right with me since I am quite picky on how I word things and making sure the AI agent understand my requests.
You could argue that I should buy a Mac Mini (which seems to be the trend) to use OpenClaw by itself. But..why though?...
It's too much money and It's not my forte to buy a whole new computer just to run an AI agent for that purpose.
2. How much Tokens do you have?
Even running OpenClaw with Ollama, it still takes a lot of space just to run an AI agent. Typically, people will use AI on the cloud for this case which burns tokens...a lot.
I recently asked the Virtual Coffee Community that me and @jarvisscript are in. One person spoke their experience using OpenClaw where that person stated:
I’m using the $20/month ChatGPT subscription to run OpenClaw, and having it use my $200/month Claude subscription to run Claude Code. I definitely wouldn’t pay that much just for OpenClaw, but I already have the Claude subscription for work and OpenClaw is providing me with > $20/month in value so it’s worth it for me to buy the ChatGPT subscription.
If you are okay spending money to get the best out of OpenClaw, that's totally fine. In my opinion, I like to use free tools and ensuring the expectation of using that tool is worth it.
3. Too early (for me) to trust OpenClaw
Just because it became successful in a short amount of time, it doesn't mean that it is immune for it to fail. You can probably name a good amount of companies and projects being successful early on and quite quickly too, but it resulted in failure for many reasons. I always have this quote in mind:
The quicker the rises, the harder the fall.
I am not saying OpenClaw will fail, I am saying be cautious about the tools that was just release to the public before using it. That tends to be with me whenever I am using any services and tools.
Imagine this, let's say a company rises really quickly and that so many people sign up to use their services. Because of the rise of quick popularity, hackers will see this as an opportunity. If something really bad happens (like a databreach), not only the company will have a bad reputation, but MILLIONS OF DATA will be leak.
This is the worst case scenario. The reason I brought this up is because of what happen to FTX that made me think of this scenario.
Note: FTX did not have a data breach. But the "feeling" of the event that happened is the same (at least for me).
What is FTX and why is it important?
If you don't know, FTX is a crypto exchange that went bankrupt because of fraud. In summary, they lied on their financial report that they claim that they have a lot of money, but in reality, they were in severe debt. As a result, the company went bankrupt and MILLIONS of people lost a lot of money as a result.
Keep in mind that FTX is not a "random" company. It is quite well sponsored and a lot of Online Influencers promote it (even the mainstream media). There were a lot of trust in the community and believe that FTX will keep their money safe, which was not the case.
I hope you can understand where I am coming from. If you would like to learn more, Coffeezilla made a video on why FTX collapsed in detail:
Sure, the example I gave did not align to the FTX incident. What I am trying to say is that in this context for OpenClaw having a vulnerability that affects millions, it is quite scary to think (for an AI agent that does ANYTHING).
I am not stopping you from using OpenClaw if you believe that it hits all the green flags you expect such as being trustworthy, transparency, and such (which seems to be the case with OpenClaw!).
Again, I am saying that the tool is too early for me to use it and I would rather wait a bit before using it to see how it goes, especially in the state of the AI bubble.
Conclusion
Overall, I wouldn't recommend using OpenClaw just yet. I recommend waiting for a bit to see where it goes. Typically, for me, I wait for a year or so to see how far it has gotten. If everything is all good, then I would consider using it.
However, if you are a type of person where you are really bold and want to explore the unknown with zero anxiety, feel free to use it at your own risk. It's just that it doesn't sit right with me having an AI agent that is doing the work with minimum supervision. It's too much of a hassle for me.
In my opinion, I won't be using OpenClaw anytime soon unless if I were to have a lot of money just to buy a PC that only runs OpenClaw. The selling point of where an AI does anything didn't sit right with me. On paper, it sounds great. However, the more you think about it, the more scarier it gets that we are getting close to getting ourselves a real life Ultron. I would prefer to have an AI agent to be more sand boxed then letting loose into the wild and having the possibility that one miscommunication in the prompt will allow OpenClaw to delete System32.
Then again, I am just a guy on Dev.to :)
Top comments (36)
I wouldn't dream of using it personally. Not as a forever thing, but I have no interest in diving head first into this sort of thing too early on. But I see the appeal in general. For me I'm too old to be an early adopter.
AI agents by itself seems interesting to me and it's nice to try out! I just don't like the selling point where it can do anything. It just gives me anxiety to think about and it feels like it slows down production than anything since I have to make sure it understood the prompt I asked.
Thanks @ben! :D
Well, people gone so into "millionaire over night"-mode that AI decided to disable their tricky plans. My take on OpenClaw is that if one runs it on their private machine to run their private stuff, they just need to read my next article I will upload 😀😂
Make sense! I do despise the idea that you can make "millions" overnight just because an AI does a task faster and "knows" programming. Thanks Luftie!!
i never used openclaw, first because i never had the great setup to run it. there are so many good orchestrators out there u can build ur own openclaw. too muuch hyped
Make sense. I don't think you need a great setup for openclaw. You just need a good computer to run it, even locally. I see some impressive things being used for OpenClaw, but it's just not my cup of tea. Thanks Frank :)
Interesting take, but I think this is where it starts to feel a bit off.
I’m all for AI helping devs move faster — CLI tools, copilots, even things like Playwright MCP are genuinely useful. They still keep you in the loop. You’re driving, AI is assisting.
But tools like OpenClaw push closer to “just let the AI do everything,” and that’s where it loses me a bit. If you’re not thinking through the code, debugging, or making decisions… what’s your role anymore?
I get the argument for small teams — spinning up an “AI teammate” sounds great on paper. But in reality, it still feels early. Reliability, context, and trust just aren’t there yet (especially for anything beyond simple flows).
Also, maybe this is more of a personal take, but part of building software is… actually building it. Problem-solving is the fun part. If you remove that entirely, it kind of defeats the purpose.
Curious where others draw the line between “assistive” and “replacement.”
OpenClaw's whole point is replacing developers and laying off devs. It attracts product managers and non-tech people because it makes their dream come true where they don't have to hire any dev and give them monthly salary. Instead, the AI gents will do all the work and their company will be finally employee-free. No human in the loop, this is what makes it exciting for them.
Yeah indeed
Even that, AI in general is what makes people happy since they see AI as a replacement to humans when doing tasks, which I don't like at all. As a tool, make sense. I believe now, people are starting to realize that it is not a good replacement to human workers.
Great question! Depends on the individual of how they see OpenClaw. That leads to what you mention about the line between "assistive" and "replacement". It depends on one experience.
If a person uses it as a "replacement", they will eventually see reality that it is not the case down the line. It's a costly lesson, but I guess it's the only way for one to see the consequence since OpenClaw is more than just an "agent". It just makes completing tasks faster.
Thanks Mark :D
Powerful idea, but the blast radius is still too big.
Indeed.
The matching engine problem you hit is classic cross-platform entity resolution, and your 4-stage pipeline is actually pretty solid. A few thoughts from running into similar issues:
Your Entity Guard is doing a lot of heavy lifting. One thing that helped me was normalizing entity aliases before the Jaccard step â things like "NY Knicks" vs "New York Knicks" vs "Knicks" all mapping to a canonical form first. The Jaccard similarity between normalized strings is much more reliable.
Union-Find is the right call for transitive chains, but watch out for transitive false positives. If A matches B at 0.85 confidence and B matches C at 0.82, you're chaining AâC at effectively ~0.70. We added a max-chain-length limit of 3 to prevent this.
Have you considered using TF-IDF weighted cosine similarity instead of raw Jaccard? It handles the "France vs Brazil" vs "France vs Germany" edge case better because it weights discriminating terms higher.
The 95%â98% gap you're stuck on is brutal â in my experience that last 3% usually requires going from string similarity to actual semantic matching. Did you try any embedding-based approaches for the stragglers?
Great writeup either way. The architecture itself is clean enough that the matching layer is really the only thing holding it back.
Thanks :)
The part that resonates isn't the skepticism about OpenClaw specifically—it's the deeper unease about delegating agency to something that doesn't share your context or consequences. An AI that can "do anything" on your computer is fundamentally different from an AI that suggests code completions. The failure modes aren't just wrong answers; they're wrong actions.
What's interesting is that this hesitation exists even when the tool is open source and the code is auditable. Transparency helps with trust in the implementation, but it doesn't address trust in the execution. Knowing how the agent works doesn't tell you what it's going to do next Tuesday when you phrase a prompt slightly differently than you intended.
The token cost point is the practical anchor. People are stacking subscriptions—$20 for ChatGPT to run OpenClaw to run $200 worth of Claude Code. That's a real monthly bill for a workflow that's still experimental. It's easy to get swept up in the demo and forget that the meter is running the whole time.
Your FTX analogy is a stretch, but I think I understand the instinct behind it. It's not about fraud. It's about the gap between perceived safety and actual safety. FTX felt legitimate—mainstream sponsors, celebrity endorsements, a professional facade. OpenClaw feels safe because it's open source and well-documented. But the feeling of safety and the fact of safety are different things, and the difference only becomes visible after something goes wrong.
I'm in a similar camp of watching and waiting, but I wonder if there's a middle ground that doesn't require a dedicated Mac Mini. Could you run it in a Docker container with limited filesystem access? Or on a cloud VM you spin up only when you need it? Something that gives you the exploration without the commitment. Feels like there's space between "not yet" and "all in." Have you experimented with any sandboxed approaches, or is the whole category just on pause for you?
Hey! Thanks for taking the time to write your comment!
Pretty much. FTX does seem to be a stretch, but the goal is to understand that if it rises quickly, always be cautious about why. Even though it rises quickly into popularity doesn't mean it is "safe". It's just prone to hackers challenging themselves into finding vulnerabilities and other people looking deep into it faster. Obviously, it's not a "recipe to disaster", there are cases where one thing rises to popularity quickly and still ended up being just fine for a decade. It's just seeing that pattern makes me concern that it is the most likely case, but it is never 100%.
I have not, and probably never because of how scary it is for me. Theoretically, you could open up a Virtual Machine and run OpenClaw there, but the setup is interesting to where I don't bother. Maybe someone has done this before using a VM, but not sure.
Thanks for reading! Appreciated it :D
Searching job so i can get money to buy a computer just so i can run openclaw locally.
If its run with just tokens there is too big risk.
But local llm running OC if it needs cloud services etc i buy more hardware or use prepaid services so the error of OC wont break my retirement plans. If am worried about my personal data I would never have them in space where OC controls or has access to.
My assumption is we have to change how we operate to accommodate the openclaw.
That's fair. IMO, I wouldn't trust it now based on the pattern I see in products getting too much hype really quickly. Changing how we operate to accommodate OpenClaw is interesting, but it depends on if everyone collectively agrees for that change to happen in the first place. Thanks :)
Kinda agree with the caution tbh — giving an AI agent full “do whatever it takes” access to your machine before solid guardrails exist feels less like productivity and more like speedrunning a future postmortem 😅
"feels less like productivity and more like speedrunning a future postmortem" is one way to put it lol. My overthinking brain thinks that it's their plan to take over everyone's computer since it's an AI Agent that can do anything, which is a fair reason to be cautious. Thanks Willie :D
Interesting take — sometimes the best advice is to wait until promising tools mature before relying on them in production.
Indeed it is the best advice. It goes with anything too whenever a new product is release. It is better to wait until:
Thanks Laura :D
Some comments may only be visible to logged-in visitors. Sign in to view all comments.