The 'run it on a VPS' pattern shows up every time agentic safety comes up — it's a network-level moat around a governance gap. The more interesting question is what happens inside the VPS: which tools the agent can invoke, at what frequency, with what credential scope. Isolation is a last resort; the earlier catch is at the tool invocation level, before the action reaches the network boundary. The teams seeing gigantic gains from legacy refactoring are probably also the ones most surprised when something unexpected gets deleted.
Intrigued by OpenClaw agents, but also a bit nervous about the attack surface. Should people be running this on a VM, an old personal computer, or another form of isolation? What are experienced folks actually doing in practice? (I know many just installing everything on their PC...)
As someone running a SaaS with sensitive infra, I’m especially curious about how to structure boundaries between the agent and their real‑world production systems.
I currently use it for 3 things, all of them are cron jobs that runs in the morning.
1- Check hacker news for AI related news and compile a digest
2- Check new YC companies in the P26 batch
3- Check ladybird and summarize the commits in the last 24 hour.
I'm using it to manage product backend operations through Telegram. Without OpenClaw, most tasks were automatable with Claude Code anyways, but OpenClaw lets me to chat in TG and get things done without opening up a terminal.
As for security, I don't run OpenClaw on my machine, but I use a VPS and let Claude Code do security reviews regularly, and enforce OpenClaw to ask for confirmation every time it runs critical scripts or delete files.
I'm trying to it, but I'm having a lot of difficulties to turn it on, My idea is to try to turn automatize all my repetitive daily jobs, like get my mails, check what I need to and how Can I predict to get a better result for whole week, my rage with pen claw is how I configure that, it's not a easy task, but considering the security risk, I try to avoid to run it on my own machine, I'm using it on my vps
I used one for outbound and it was pretty good (it even sold a 50$ report it created).
Currently using one for research.
I like that the agents are "learning". While the first emails were pretty trashy, I let him research on how to improve them to not sound too generic etc. The results were quite impressive.
I felt the same way. I was rolling my eyes at the hype, but reading about things like OpenClaw or Cursor is totally different from experiencing them. If you have any old repos out there — try running an agent on them, you might actually be amazed.
I'm not sure I buy the long-term "90% productivity" claims for complex, legacy enterprise systems, but for the boilerplate, libraries, build-tools, and refactoring? The gain is gigantic. All the time-consuming, nerve-wracking stuff is mostly taken care of.
You start off checking every diff like a hawk, expecting it to break things, but honestly, soon you see it's not necessary most of the time. You just keep your IDE open and feed the "analyze code" output back into it. In Java, telling it to "add checkstyle, run mvn verify and repair" works well enough that you can actually go grab a coffee instead of fighting linter warnings.
The real question it raises: If your competitor Y just fired 90% of their developers to save a buck, would you blindly follow suit? Or would you keep your team, use this massive leverage, and just dwarf Y with a vastly better product?
The 'run it on a VPS' pattern shows up every time agentic safety comes up — it's a network-level moat around a governance gap. The more interesting question is what happens inside the VPS: which tools the agent can invoke, at what frequency, with what credential scope. Isolation is a last resort; the earlier catch is at the tool invocation level, before the action reaches the network boundary. The teams seeing gigantic gains from legacy refactoring are probably also the ones most surprised when something unexpected gets deleted.
Intrigued by OpenClaw agents, but also a bit nervous about the attack surface. Should people be running this on a VM, an old personal computer, or another form of isolation? What are experienced folks actually doing in practice? (I know many just installing everything on their PC...)
As someone running a SaaS with sensitive infra, I’m especially curious about how to structure boundaries between the agent and their real‑world production systems.
I currently use it for 3 things, all of them are cron jobs that runs in the morning.
1- Check hacker news for AI related news and compile a digest 2- Check new YC companies in the P26 batch 3- Check ladybird and summarize the commits in the last 24 hour.
I'm using it to manage product backend operations through Telegram. Without OpenClaw, most tasks were automatable with Claude Code anyways, but OpenClaw lets me to chat in TG and get things done without opening up a terminal.
I also built a tax filing engine that handles my tax locally (demo: https://x.com/artoriatech/status/2036111002790490365 web: https://oktax.app)
As for security, I don't run OpenClaw on my machine, but I use a VPS and let Claude Code do security reviews regularly, and enforce OpenClaw to ask for confirmation every time it runs critical scripts or delete files.
What access do you give OpenClaw on your VPS? What about email...? There’s a new Claude Code feature that does exactly this—you might want to try it.
I'm using it to research developer pain points from reddit and other channels, then built open source tools which solves them.
You should follow @simonw Here's his procedure https://til.simonwillison.net/llms/openclaw-docker
I'm trying to it, but I'm having a lot of difficulties to turn it on, My idea is to try to turn automatize all my repetitive daily jobs, like get my mails, check what I need to and how Can I predict to get a better result for whole week, my rage with pen claw is how I configure that, it's not a easy task, but considering the security risk, I try to avoid to run it on my own machine, I'm using it on my vps
With a bunch new Claude features released lately, not really seeing a use for OpenClaw (especially if you're already on some Claude plan)
I used one for outbound and it was pretty good (it even sold a 50$ report it created). Currently using one for research.
I like that the agents are "learning". While the first emails were pretty trashy, I let him research on how to improve them to not sound too generic etc. The results were quite impressive.
I'm not really using it yet because I can do it by myself. So far I have time over money
I felt the same way. I was rolling my eyes at the hype, but reading about things like OpenClaw or Cursor is totally different from experiencing them. If you have any old repos out there — try running an agent on them, you might actually be amazed.
I'm not sure I buy the long-term "90% productivity" claims for complex, legacy enterprise systems, but for the boilerplate, libraries, build-tools, and refactoring? The gain is gigantic. All the time-consuming, nerve-wracking stuff is mostly taken care of.
You start off checking every diff like a hawk, expecting it to break things, but honestly, soon you see it's not necessary most of the time. You just keep your IDE open and feed the "analyze code" output back into it. In Java, telling it to "add checkstyle, run mvn verify and repair" works well enough that you can actually go grab a coffee instead of fighting linter warnings.
The real question it raises: If your competitor Y just fired 90% of their developers to save a buck, would you blindly follow suit? Or would you keep your team, use this massive leverage, and just dwarf Y with a vastly better product?