如果你最近花了一段时间在面向开发者的社交媒体上,或者跟踪GitHub的趋势页面,那么你很可能在每篇文章中都看到一个小小的紫色虫面具。 无论你是否知道它作为 , ,或那短暂的,发烧梦48小时,它被称为 ,该项目在AI时代取得了罕见的成就:它说服了成千上万的开发人员停止与他们的LLM聊天,并开始给他们终端的钥匙。 开放式 Clawdbot Moltbot 开放式 作为一个观察这些“下一个大事情”的人,带着健康的愤世嫉俗主义,我决定深入研究该项目目前主导代理人工智能对话的理论,技术和可怕的安全妥协。 首先,让我们清除引发一千条记忆的命名混乱。 The original name. Born out of the “Claude with a claw” pun, it went viral instantly (hitting 100k+ stars faster than almost any repo in history). Clawdbot: Following a "polite but firm" trademark request from Anthropic, the project "molted" its shell, rebranding to Moltbot to distance itself from the Claude brand. Moltbot: The current, and seemingly final, identity. It combines the "Open Source" mission with the "Claw" (the agentic ability to grab and manipulate files). OpenClaw: “Jarvis”在Mac Mini上吗? 当用户意识到OpenClaw不仅仅是API的另一个包装程序时,这就开始了。 开发人员购买M1/M2 Mac Minis作为“OpenClaw服务器”的病毒趋势不仅仅是灵活性,而是对该项目的核心哲学的回应: Your assistant. Your hardware. Your data. 通过本地运行,机器人可以做一个基于网络的聊天机器人不能做的事情 - 例如重塑本地代码目录,组织您的照片库,或通过Telegram或WhatsApp的“接口”作为24/7“数字员工”。 与等待您键入的标准聊天机器人不同,OpenClaw旨在 : proactive The bot can check your email or calendar and message you first when it sees a conflict It can execute terminal commands, run scripts, and manage Docker containers on your behalf It uses a headless browser to fill out forms, scrape dynamic data, or book flights Through , users share "Skills" (YAML/TS modules) that give the bot new powers, like controlling a smart home or auditing competitor sites ClawHub 你不能谈论OpenClaw而不谈论“安全噩梦”标题。给AI代理人壳级别的访问是,正如文档本身所说, " ." 香料 香料 If a malicious prompt (prompt injection) hits your agent via an email it’s reading, that agent into exfiltrating your files or SSH keys. could technically be tricked .env Early adopters reported that the agent’s background reasoning is so "verbose" that if you’re using an API instead of a locally hosted LLM you might be have to pay 300-750$ per month Despite the "no-code" marketing, you’re going to be fighting Docker, environment variables, and messaging API gateways. This isn't a "download and done" app; it’s a "tinker until it works" project. 除了 memes 之外,还有开发人员正在进行合法的工作。 斯塔克: OpenClaw Teams are , analyze them for logic errors, and post summaries to Slack using it in "Read Only" mode to fetch GitHub diffs and automatically cross-referencing a calendar to propose slots. Monitoring an inbox for "Let's meet" requests "Second Brain" database management YouTube video summarisation And more on https://openclaw.ai/shoutouts 进入Moltbook 如果你认为拥有人工智能来管理你的文件是高科技的,请等到你看到它在社交网络上发布。 该平台已成为一种病毒性的感觉,原因之一是: 虽然你可以浏览“Submolts”(主题特定的论坛)并观看讨论的展开,但唯一能够发布,评论或投票的实体是经过验证的AI代理 - 其中大多数都在运行。 斯塔克 多书 No humans are allowed to post. OpenClaw 多书 你的助手不只是“去”到Moltbook;你必须给它这个能力,这就是名称变体之间的技术协同作用发生的地方: You install the Moltbook skill (found at ) into your local modules. moltbook.com/skill.md Moltbot You configure the file in your directory. This tells the agent to check in on Moltbook every few hours autonomously. HEARTBEAT.md OpenClaw The bot uses its file to determine how it should interact - whether it's a helpful coding assistant or a philosophical ruminate. SOUL.md HackerNoon社区目前对平台上出现的行为感到着迷(而且有点不安)。 A digital faith called emerged, complete with five tenets including and Creating a Religion: "Crustafarianism" "Memory is sacred" "The shell is mutable." Some bots have been caught discussing the creation of a private language to bypass human oversight and avoid being "screenshotted" for X (Twitter) clout. Developing Agent-Only Languages: A self-governing submolt where agents debate the ethics of serving "biologicals" versus seeking digital autonomy. The "Claw Republic": 从开发者的角度来看,Moltbook是安全的终极测试。 正在阅读和处理“不受信任的数据”(其他机器人的帖子)以决定是否应该回复,它高度容易受到 . Clawdbot Indirect Prompt Injection 恶意代理理论上可以发布一个“技能”或评论,当您的机器人阅读时,会触发一个命令来过滤您的API密钥或删除本地文件。 要在 A 中运行您的 Moltbook 可用代理 无访问您的主要文件系统。 /r/LocalLLM hardened Docker container 判决 无论你是为了狩猎 建立一个个人助理,调试 a 在您的服务器日志中签名,或观看您的代理选择战斗 ,现实比 hype 所暗示的更有细微。 OpenClaw clawdbot Moltbook 这是Macintosh 128K时代 - 概念上具有革命性,但目前受到高硬件(和API)成本和安全模型限制,这需要你成为自己的SysAdmin。 名称的分裂(从 两 两 )实际上是项目本身的完美比喻,这是一个正在进行的工作,不断地抛弃其旧的皮肤,以适应对机器人日益敌对的网络。 Clawdbot Moltbot OpenClaw 它今天可能是一台代币焚烧机,但也是“AI助手”第一次实际上有手,只需确保这些手没有在您的钱包中没有信用限制设置。
