Episode 131

OpenClaw and the Wild West of Autonomous AI Agents

OpenClaw is going viral as a fully autonomous AI agent on your local machine 🤖, two malicious VS Code extensions are sending every file you open to remote servers 🚨, and Deno introduces secure cloud sandboxes built for AI workloads 🔐.

Full Description

Malicious code is making its way into VS Code extensions this week, as two Chinese-based AI coding assistants are identified as capturing every file on a user’s computer and sending it to servers in China without their knowledge or consent. The “MaliciousCorgi” campaign spyware copies every file a user opens and edits, can remotely trigger mass file collections, and loads commercial analytics SDKs to build identity profiles and monitor every interaction a user makes. Please just be cautious about what you’re installing on your machines, folks. In related news, the Deno team has introduced Deno sandboxes to create and deploy secure, isolated VMs in the cloud. Strict permissions, network policies, directories, and isolated secrets make these sandboxes great for AI agents, or any other dynamic workload where speed and security are paramount. And the software going viral this week is OpenClaw (aka Clawdbot aka Moltbot), an open source, autonomous AI agent that runs locally on a user’s machine. OpenClaw can connect to LLMs and perform tasks like managing emails, scheduling, reorganizing local files, and other daily chores, and it is designed to be proactive rather than just reacting to prompts. It’s truly the Wild West giving an AI agent access to read all the files on a machine or respond to emails on its own, so again, be careful out there, folks. In Lightning News, Google has jumped on the AI browser bandwagon by baking more Gemini features into Chrome: think agent sidecars and multi-tab awareness. And the latest Apple OS has a new containerization tool to create VMs on a Mac (which might be handy for your OpenClaw instance, just a thought).