March 10, 2026
But what about security?!
The second most frequently asked question people have been sending in about my OpenClaw journey so far has been:
“I heard OpenClaw was insecure! Isn’t it risky?”
Short answer?
Yes. Yes, it is.
More answers...
Q: Can you take steps to decrease the risk of using OpenClaw?
Sure, but the threat model is so weird and new that it’s hard to know how to think about it.
(See linked article above for details. Seriously, read it.)
Q: Can you make OpenClaw 100% safe?
No. There’s no such thing as 100% safe. You could choke on your sandwich while reading this. Are you going to stop eating sandwiches?
Q: Well... I’ve been eating sandwiches my whole life. OpenClaw is brand new, and it sounds a lot more powerful than a sandwich!
Nothing is more powerful than a good sandwich ;-)
But seriously...
Everything has pros and cons. You have to decide for yourself whether the potential benefits are worth the potential risks, and if so, what you can do to mitigate the likelihood and impact of the risks.
Q: How do I even begin to assess the benefits and risks of something so new?
Talk to a trusted advisor.
ASIDE: There is a huge opportunity right now for OpenClaw early adopters to walk normies through all this. I know an OpenClaw contributor who I can connect you with if you’re looking for someone to help you get set up.
Q: Should I just wait until all this settles down and see how it plays out?
Maybe. Totally up to you.
Here’s a thought experiment to help you decide:
Would you trust a remote VA with access to things like your website, podcast, calendar, email, GitHub, etc?
If so, why?
That’s nowhere near 100% secure.
Yours,
—J