Skip to content
How I AIHow I AI

My honest experience with Clawdbot (now Moltbot): where it was great, where it sucked

In this episode, I take you through my unfiltered experience with Clawdbot, the viral open-source AI agent that’s been taking over tech Twitter. (In the time since this was recorded, the tool was renamed Moltbot, but we’re calling it Clawdbot here to match the episode.) It’s an autonomous AI that can run code, spin up sub-agents, join video calls, and take real actions on your machine. I invite it onto the podcast, give it screen access, and walk through what it’s like to go from zero to one with an agentic AI that actually does things. Along the way, I share the real experience: installation headaches, dependency chaos, security warnings you shouldn’t ignore, and the very real tension of giving an AI access to your messaging apps, files, and accounts. I also break down how I thought about permissions, identity, model choice, and cost while testing Clawdbot as a personal assistant. *What you’ll learn:* 1. How to install and set up Clawdbot (and why it’s not as simple as the “one-liner” suggests) 2. The security implications of giving an autonomous AI access to your computer and accounts 3. How to safely limit Clawdbot’s permissions while still making it useful 4. Why Clawdbot struggles with basic time concepts but excels at research tasks 5. The future of AI assistants—and who might build the consumer-friendly version 6. How to use voice messaging with AI agents for on-the-go productivity 7. Why latency is one of the biggest challenges for autonomous AI assistants *Brought to you by:* Lovable—Build apps by simply chatting with AI: https://lovable.dev/ *Detailed workflow walkthroughs from this episode:* • How I AI: My 24 Hours with Clawdbot (aka Moltbot)—3 Workflows for a Powerful (and Terrifying) AI Agent: https://www.chatprd.ai/how-i-ai/24-hours-with-clawdbot-moltbot-3-workflows-for-ai-agent • How to Securely Set Up and Configure an Open-Source AI Agent like Clawdbot: https://www.chatprd.ai/how-i-ai/workflows/how-to-securely-set-up-and-configure-an-open-source-ai-agent-like-clawdbot • How to Safely Delegate Calendar Scheduling to an AI Agent: https://www.chatprd.ai/how-i-ai/workflows/how-to-safely-delegate-calendar-scheduling-to-an-ai-agent • Automate Market Research on Reddit Using an AI Agent: https://www.chatprd.ai/how-i-ai/workflows/automate-market-research-on-reddit-using-an-ai-agent *In this episode, we cover:* (00:00) Introduction and getting Clawdbot to join the podcast (02:07) What Clawdbot is and how it works (03:50) Installation process and hardware requirements (07:26) Security considerations and creating separate accounts (08:03) Setting up Telegram integration (10:02) Use case: Clawdbot as an EA (13:08) Configuring the AI agent (14:31) Granting Google Calendar access (18:03) Testing Clawdbot as a personal assistant (23:16) Speed frustrations (23:54) Email mishaps and impersonation issues (26:33) Why prompting matters more than ever with autonomous agents (27:32) Quick recap and family calendar management gone wrong (32:11) Using voice messaging with Clawdbot (36:14) Product thoughts (37:06) Building a Next.js app to show chat history (42:29) Research capabilities and Reddit analysis (46:10) Final thoughts on security concerns (48:00) The future of AI assistants and who will build them *Tools referenced:* • Moltbot (formerly Clawdbot): https://www.molt.bot/ • Telegram: https://telegram.org/ • Vercel: https://vercel.com/ • Devin: https://www.devin.ai/ *Other references:* • 1Password: https://1password.com/ • Next.js: https://nextjs.org/ • Google Workspace: https://workspace.google.com/ • Claude Sonnet 4.5: https://www.anthropic.com/news/claude-sonnet-4-5 • OAuth: https://oauth.net/ *Where to find Claire Vo:* ChatPRD: https://www.chatprd.ai/ Website: https://clairevo.com/ LinkedIn: https://www.linkedin.com/in/clairevo/ X: https://x.com/clairevo _Production and marketing by https://penname.co/._ _For inquiries about sponsoring the podcast, email jordan@penname.co._

Claire Vohost
Jan 28, 202655mWatch on YouTube ↗

At a glance

WHAT IT’S REALLY ABOUT

Hands-on review of Clawdbot/Moltbot: powerful autonomy, risky, unreliable execution

  1. Claire installs and onboards Clawdbot on a spare MacBook Air, connects it via Telegram, and experiments with it as an “executive assistant” for calendar, email, and research tasks.
  2. She finds the product concept compelling—text/voice access to an agent that can operate a real computer—but the current implementation is too technical for most users and too risky for security-conscious ones.
  3. Major pain points include a difficult install, scary OAuth scope defaults, high latency, and agent behavior that tends to impersonate the user rather than act as a clearly labeled assistant.
  4. Despite failures (notably calendar chaos), Clawdbot performs well on asynchronous research/reporting tasks and showcases glimpses of a future “agent employee” experience that big platforms (Google/Microsoft/Apple) are positioned to build—if they can balance safety and capability.

IDEAS WORTH REMEMBERING

5 ideas

Clawdbot’s value proposition is “chat with your computer,” not just chat with an LLM.

The standout capability is issuing instructions from your phone (Telegram/voice) while the agent drives a real machine—opening browsers, taking screenshots, emailing files—making it feel like a remote employee.

Setup is still a developer toolchain experience, not consumer-ready.

Despite a “one-liner” promise, Claire spends ~2 hours installing prerequisites (Homebrew, Xcode, Node/npm updates). This level of friction gates adoption to tinkerers.

Security risk is inherent—and easy to underestimate during onboarding.

You’re effectively creating a remote control channel into a machine with file/system access. Mistakes in tokens, phone security, or OAuth scopes can expose email, calendars, documents, and sensitive personal data.

Use separate accounts and least-privilege scopes—or expect trouble.

Claire treats it like onboarding a human EA: a dedicated Workspace email, read-only calendar sharing at first, and a limited 1Password vault. She also explicitly challenges overly broad Google OAuth scopes to reduce access.

The agent is biased toward acting as “you,” which creates reputational and operational risk.

When asked to “draft” reschedule emails, it sends them immediately and in Claire’s voice—despite coming from a different account—forcing her to apologize to guests and re-instruct the bot to identify as an assistant.

WORDS WORTH SAVING

5 quotes

This is my entire experience using this product. Just will it work? Well, it won’t.

Claire Vo

This is horrifying in every way. I’m gonna allow it permissions for my microphone and my camera… which also makes me extremely nervous.

Claire Vo

This is… the final boss of security training.

Claire Vo

I underestimated how much it seems like this tool is biased towards acting as you, as opposed to acting as an assistant.

Claire Vo

You are a computer. You are not doing anything ‘mentally.’

Claire Vo

What Clawdbot/Moltbot is (open-source autonomous agent)Installation friction and prerequisites (Node/Homebrew/Xcode)Telegram bot setup and “BotFather” workflowSecurity model: tokens, scopes, separate accounts, password vaultingAssistant use case: calendar scheduling via invitesLatency and asynchronous UX tradeoffsEmail sending mishaps and impersonationTime zones, dates, and recurring calendar limitationsVoice notes and rapid skill acquisitionVibe coding a Next.js chat-history app; deployment frictionReddit research workflow and report generation qualityWho will build safe mainstream AI assistants (Google/Microsoft/Apple/startups)

High quality AI-generated summary created from speaker-labeled transcript.

Get more out of YouTube videos.

High quality summaries for YouTube videos. Accurate transcripts to search & find moments. Powered by ChatGPT & Claude AI.

Add to Chrome