Originally posted on X: https://x.com/cocktailpeanut/status/2017328971327607263

After experimenting with #OpenClaw (aka ClawdBot), here are the only two approaches I would recommend if you were my friend, depending on your use case:

1. Pure Local Mode

Use Openclaw entirely offline. No third-party services. No APIs. Decline all skills. Just:

1. Install Openclaw with ONLY an LLM connection
2. Connect a local device like Rabbit R1 via your local network, with ZERO cloud access.
3. Talk to your computer like a walkie talkie

Ask it to organize your files. Query your file system. Point it at a project path and start working, while lying on your bed (BTW someone should also build a push-to-speak localhost web app that emulates this). Even just with this it's gonna change your life.

Is this perfectly secure? No. But from my experience using Claude Code and Codex CLI, I'm comfortable with this approach (This is equivalent to running these CLI agents with --dangerously-bypass-approvals-and-sandbox but a lot of people already do it this way because it's safe enough although not perfect. If you are cautious, just make sure to back up your system occasionally).

Do your own research on how the underlying LLM providers handle data before committing, but it works for me. At least it's way better than connecting all kinds of skills and channels that send your data to someone else's server and could even wipe out everything there (such as wiping out your entire email inbox, etc.)

2. Pure Remote Mode

This is the opposite---use OpenClaw to orchestrate online services. Connect Telegram, WhatsApp, Gmail, your bank account, or whatever.

But here's the key: create fresh accounts explicitly for this purpose.

Never connect your existing accounts.

Think of it as spawning a new autonomous digital entity, not extending yourself. It's not about YOU, it's about creating a self-sovereign bot with its own clean identity.

Also: don't host it on your machine. Use a hosting service. There are plenty that support OpenClaw today. The reason is, if you run it on your own home machine:

1. You can't access it from outside
2. Even if you add tunnels like cloudflare or tailscale, this means you have to keep your machine always running at home. For this specific use case, you do NOT need to access YOUR files, so there's not much benefit in running this on your machine. Of course, you could set up a dedicated machine or run it in a container, but IMO not really worth it for this use case.

For this use case, the rule is simple: don't connect YOUR stuff. Set up everything fresh, just for the bot.

TLDR

• Local = private walkie-talkie to your computer
• Remote = autonomous bot with its own fresh identity

Of course, I am not speaking as an expert and everyone can do whatever they want, but this is the only options i would personally recommend to my friends if they wanted to try out Openclaw, so if you are an adventurous soul, i'm not stopping you. Also this is a spectrum, so as long as you know what you're doing you could kind of mix a little bit of each, but you must know what you are doing.

But If you want to stay safe, pick one lane. Don't mix them. I am pretty confident that at some point there will be a huge disaster coming from the autonomous bots if you are not careful and mix these two. Prompt injection, ransomware, draining your bank account, FBI raiding your home thinking you're a terrorist or a hacker, etc. This will be your apocalypse. So stay safe and have fun!