OpenClaw and agent AI privacy issues

A personal agent working just for you has long been a dream in the tech world. Software that works in the background on your computer to manage your schedule, organize your emails, and use the Internet for research and shopping could take on a lot of your digital load.

The technology elements are finally in place to make this a reality. But as the first demonstrations of personal digital agents see the light of day, the questions that still need answering before widespread acceptance are becoming clear. The most important of them: How can you be sure that they are always working in your own best interests?

OpenClaw, a technology project that took the developer world by storm earlier this year, provided a glimpse of one possible future for personal agents. OpenClaw, first known as Clawdbot and then Moltbot, gained widespread public interest late last month when agents created with the technology began chatting on a social network built specifically for the bots.

The underlying tools that made this possible are likely to have more lasting interest than conversations between bots. These are the features that all the big tech companies want to offer their users in an effort to turn personal assistants like Siri and Gemini into omnipotent agents.

OpenClaw was released as open source software, so demand is driven by the fact that users are free to build their own app integrations. But from a technology perspective, there’s nothing particularly special about OpenClaw. Its intelligence is supplied by whichever language model you tell it to use.

Its power relies on several basic ingredients. These include giving the agent full access to the user’s computer and the freedom to try any action to accomplish the specified task. It also has enough memory to recall previous sessions, improving personalization.

There’s also a website called ClawHub where developers post “skills” that can be used to train agents to perform specialized tasks. This mirrors the plugin skills Anthropic created this year for Cowork agents, and is an early sign of an “App Store for Agents” that could someday become important.

However, it is not safe to expose such technology to the broader computing population unless some strict requirements are met. These include being able to verify that the agent can be fully trusted, which is always going to be difficult with probabilistic AI systems.

The agent also has access to all your data, so it must be completely secure and respect your privacy. And you need to be confident that those design decisions were made with your own best interests in mind, not the interests of the company that built it.

Where OpenClaw completely fails is safety. As things stand, a prompt injection attack (a threat in which someone instructs the agent, perhaps via an email it reads, to do something fraudulent, such as divulging credit card information) is very likely to occur.

This is an obvious hole in any prompt-based system and can be difficult to fix. It is one of the main issues Apple must resolve before its delayed upgrade to Siri, the core of Apple Intelligence, finally sees the light of day.

For big tech companies, these personal agents promise to connect billions of users more closely to their products and services, whether through Siri, which runs on Apple’s various devices, or Google Assistant, which draws on the data collected across the company’s various services.

OpenAI, which hired an OpenClaw developer last weekend, is hinting at a different future. It’s a future of a wide range of independent agents, unfettered by the business interests of big tech companies.

The AI company has committed to operating OpenClaw as an independent project under a separately established open source foundation. Lacking a broad ecosystem of devices, apps, and services that connect users to established technology empires, OpenAI can afford to be more disruptive in its efforts to tap into the agent market.

However, OpenAI’s own incentives will change as it looks to build an even bigger business around ChatGPT, including plans for new advertising services and a variety of devices. OpenClaw is an interesting early sign of what’s to come, but it’s still too early to tell how most people will first experience the services of a personal digital servant.

richard.waters@ft.com
