AICybersecurity

I Gave Clawdbot (Now Moltbot) Access to My Computer, Calendar, and Emails: Here’s What Happened

How I AI
How I AIJan 28, 2026

Why It Matters

Personal AI agents can boost productivity, but their adoption hinges on overcoming technical complexity and security risks.

Key Takeaways

  • Installing Claudebot demands multiple dependencies and hours of setup.
  • Agent accesses file system, email, calendar, raising security concerns.
  • Telegram integration provides remote control but requires careful token protection.
  • Using limited-access email and vault mitigates data exposure risks.
  • Choosing smaller model (Sonnet 45) balances capability and cost.

Summary

The episode documents a hands‑on trial of Claudebot—now renamed Moltbot—an open‑source AI agent that can act on a user’s desktop, calendar and email. The host invites the bot into a Riverside podcast via Telegram, then walks through granting microphone, camera and system permissions.

Installation proved far from plug‑and‑play. The author spent two hours installing Homebrew, updating Node, Xcode and other prerequisites before the npm one‑liner succeeded. After onboarding, he configured gateway tokens, linked a Telegram bot through BotFather, and set up Google API credentials for calendar and email access, a process that demands familiarity with OAuth and cloud console settings.

To limit exposure, he created a dedicated Google Workspace address and a restricted 1Password vault for the bot, giving it read‑only calendar rights and an Anthropic API key. He deliberately chose Anthropic’s Sonnet 45 model over the more powerful Opus, citing cost control and safety concerns, and noted the bot’s ability to schedule meetings, draft emails and even join a live podcast.

The experiment highlights both the productivity promise of personal AI assistants and the steep technical and security hurdles they pose. Enterprises considering similar agents must weigh the convenience of automated tasks against the need for rigorous permission management, sandboxed environments, and ongoing cost monitoring.

Original Description

In this episode, I take you through my unfiltered experience with Clawdbot, the viral open-source AI agent that’s been taking over tech Twitter. (In the time since this was recorded, the tool was renamed Moltbot, but we’re calling it Clawdbot here to match the episode.) It’s an autonomous AI that can run code, spin up sub-agents, join video calls, and take real actions on your machine. I invite it onto the podcast, give it screen access, and walk through what it’s like to go from zero to one with an agentic AI that actually does things. Along the way, I share the real experience: installation headaches, dependency chaos, security warnings you shouldn’t ignore, and the very real tension of giving an AI access to your messaging apps, files, and accounts. I also break down how I thought about permissions, identity, model choice, and cost while testing Clawdbot as a personal assistant.
What you’ll learn:
1. How to install and set up Clawdbot (and why it’s not as simple as the “one-liner” suggests)
2. The security implications of giving an autonomous AI access to your computer and accounts
3. How to safely limit Clawdbot’s permissions while still making it useful
4. Why Clawdbot struggles with basic time concepts but excels at research tasks
5. The future of AI assistants—and who might build the consumer-friendly version
6. How to use voice messaging with AI agents for on-the-go productivity
7. Why latency is one of the biggest challenges for autonomous AI assistants
Brought to you by:
Lovable—Build apps by simply chatting with AI: https://lovable.dev/
In this episode, we cover:
(00:00) Introduction and getting Clawdbot to join the podcast
(02:07) What Clawdbot is and how it works
(03:50) Installation process and hardware requirements
(07:26) Security considerations and creating separate accounts
(08:03) Setting up Telegram integration
(10:02) Use case: Clawdbot as an EA
(13:08) Configuring the AI agent
(14:31) Granting Google Calendar access
(18:03) Testing Clawdbot as a personal assistant
(23:16) Speed frustrations
(23:54) Email mishaps and impersonation issues
(26:33) Why prompting matters more than ever with autonomous agents
(27:32) Quick recap and family calendar management gone wrong
(32:11) Using voice messaging with Clawdbot
(36:14) Product thoughts
(37:06) Building a Next.js app to show chat history
(42:29) Research capabilities and Reddit analysis
(46:10) Final thoughts on security concerns
(48:00) The future of AI assistants and who will build them
Tools referenced:
• Moltbot (formerly Clawdbot): https://www.molt.bot/
• Telegram: https://telegram.org/
Other references:
• 1Password: https://1password.com/
• Next.js: https://nextjs.org/
• Google Workspace: https://workspace.google.com/
Where to find Claire Vo:
_Production and marketing by https://penname.co/._
_For inquiries about sponsoring the podcast, email jordan@penname.co._

Comments

Want to join the conversation?

Loading comments...