zlacker

[return to "Clawdbot - open source personal AI assistant"]
1. xtagon+Sl[view] [source] 2026-01-26 03:37:47
>>KuzeyA+(OP)
Wild. There are 300 open Github issues. One of them is this (also AI generated) security report: https://github.com/clawdbot/clawdbot/issues/1796 claiming findings of hundreds of high-risk issues, including examples of hard coded, unencrypted OAuth credentials.

I am...disinclined to install this software.

◧◩
2. strang+Cn[view] [source] 2026-01-26 03:54:17
>>xtagon+Sl
If you read the PR, the bad issues are in a few extensions, not the bot itself. The unencrypted oAuth token isn't really a big deal. It should be fixed but its a "if this box is compromised" type thing. Given the nature of clawdbot, you are probably throwing it on a random computer/vps you don't really care about (I hope) without access to anything critical.
◧◩◪
3. cmorga+Zn[view] [source] 2026-01-26 03:58:16
>>strang+Cn
You know, as the rest of us do, that someone has already thrown it loose in the same place where they store their banking information. Oh well, lessons will be learned about containers.
[go to top]