How I AI

My honest experience with Clawdbot (now Moltbot): where it was great, where it sucked

In this episode, I take you through my unfiltered experience with Clawdbot, the viral open-source AI agent that’s been taking over tech Twitter. (In the time since this was recorded, the tool was renamed Moltbot, but we’re calling it Clawdbot here to match the episode.) It’s an autonomous AI that can run code, spin up sub-agents, join video calls, and take real actions on your machine. I invite it onto the podcast, give it screen access, and walk through what it’s like to go from zero to one with an agentic AI that actually does things. Along the way, I share the real experience: installation headaches, dependency chaos, security warnings you shouldn’t ignore, and the very real tension of giving an AI access to your messaging apps, files, and accounts. I also break down how I thought about permissions, identity, model choice, and cost while testing Clawdbot as a personal assistant. *What you’ll learn:* 1. How to install and set up Clawdbot (and why it’s not as simple as the “one-liner” suggests) 2. The security implications of giving an autonomous AI access to your computer and accounts 3. How to safely limit Clawdbot’s permissions while still making it useful 4. Why Clawdbot struggles with basic time concepts but excels at research tasks 5. The future of AI assistants—and who might build the consumer-friendly version 6. How to use voice messaging with AI agents for on-the-go productivity 7. Why latency is one of the biggest challenges for autonomous AI assistants *Brought to you by:* Lovable—Build apps by simply chatting with AI: https://lovable.dev/ *Detailed workflow walkthroughs from this episode:* • How I AI: My 24 Hours with Clawdbot (aka Moltbot)—3 Workflows for a Powerful (and Terrifying) AI Agent: https://www.chatprd.ai/how-i-ai/24-hours-with-clawdbot-moltbot-3-workflows-for-ai-agent • How to Securely Set Up and Configure an Open-Source AI Agent like Clawdbot: https://www.chatprd.ai/how-i-ai/workflows/how-to-securely-set-up-and-configure-an-open-source-ai-agent-like-clawdbot • How to Safely Delegate Calendar Scheduling to an AI Agent: https://www.chatprd.ai/how-i-ai/workflows/how-to-safely-delegate-calendar-scheduling-to-an-ai-agent • Automate Market Research on Reddit Using an AI Agent: https://www.chatprd.ai/how-i-ai/workflows/automate-market-research-on-reddit-using-an-ai-agent *In this episode, we cover:* (00:00) Introduction and getting Clawdbot to join the podcast (02:07) What Clawdbot is and how it works (03:50) Installation process and hardware requirements (07:26) Security considerations and creating separate accounts (08:03) Setting up Telegram integration (10:02) Use case: Clawdbot as an EA (13:08) Configuring the AI agent (14:31) Granting Google Calendar access (18:03) Testing Clawdbot as a personal assistant (23:16) Speed frustrations (23:54) Email mishaps and impersonation issues (26:33) Why prompting matters more than ever with autonomous agents (27:32) Quick recap and family calendar management gone wrong (32:11) Using voice messaging with Clawdbot (36:14) Product thoughts (37:06) Building a Next.js app to show chat history (42:29) Research capabilities and Reddit analysis (46:10) Final thoughts on security concerns (48:00) The future of AI assistants and who will build them *Tools referenced:* • Moltbot (formerly Clawdbot): https://www.molt.bot/ • Telegram: https://telegram.org/ • Vercel: https://vercel.com/ • Devin: https://www.devin.ai/ *Other references:* • 1Password: https://1password.com/ • Next.js: https://nextjs.org/ • Google Workspace: https://workspace.google.com/ • Claude Sonnet 4.5: https://www.anthropic.com/news/claude-sonnet-4-5 • OAuth: https://oauth.net/ *Where to find Claire Vo:* ChatPRD: https://www.chatprd.ai/ Website: https://clairevo.com/ LinkedIn: https://www.linkedin.com/in/clairevo/ X: https://x.com/clairevo _Production and marketing by https://penname.co/._ _For inquiries about sponsoring the podcast, email jordan@penname.co._

CVClaire Vohost

Jan 28, 2026·55m·Watch on YouTube ↗

📖 CHAPTERS

1. 1

   Live demo: inviting Clawdbot onto the podcast via Telegram (and immediate stress)

   Claire starts by trying to get Clawdbot (“Polly”) to join a Riverside FM recording through a Telegram voice message. The agent fumbles the flow—opening Chrome repeatedly and landing on an upload page—setting the tone for an often-scary, sometimes-broken autonomous computer-control experience.

2. 2

   What Clawdbot/Moltbot is—and why people love it and fear it

   Claire explains Clawdbot (renamed Moltbot) as an open-source autonomous agent you run on a machine or VM, reachable from messaging apps. She frames the tradeoff: impressive productivity potential vs. a high likelihood of doing something risky or damaging.

3. 3

   Hardware reality check: you don’t need a Mac mini—plus basic setup approach

   Claire debunks the idea that special hardware is required and describes her practical setup using a spare MacBook Air. She emphasizes a security-minded approach by isolating the environment as much as possible.

4. 4

   Installation: “one-liner” promise vs. two-hour dependency slog

   The advertised quick install doesn’t match reality for a typical user. Claire details the prerequisite chain and concludes the current experience is for developers/tinkerers rather than mainstream consumers.

5. 5

   Security model in onboarding: gateway auth, tokens, and reading the warnings

   After installation, onboarding foregrounds security with warnings and audit guidance. Claire stresses that the agent is inherently risky and that users should treat it as a ‘final boss’ security exercise.

6. 6

   Messaging integration choice: skipping WhatsApp for Telegram (BotFather setup)

   Claire switches from WhatsApp to Telegram after seeing guidance to use a burner phone/SIM for WhatsApp. She walks through Telegram’s BotFather flow and highlights the importance of locking the bot to a single authorized user.

7. 7

   Designing an “EA-style” assistant: separate accounts, limited access, and 1Password vault

   Claire tests Clawdbot as an executive assistant (EA) and mirrors how she onboards a human assistant: separate accounts and least-privilege access. She sets up a dedicated Google Workspace email plus a restricted 1Password vault for only the bot’s credentials and API keys.

8. 8

   Configuring the agent’s identity and working style (and why it matters)

   During bootstrap, Claire defines the bot’s name, personality, timezone, and role, aiming for ‘professional but friendly.’ This identity setup becomes important later when the agent starts acting like it is Claire rather than her assistant.

9. 9

   Google Calendar access: OAuth complexity, scary scopes, and least-privilege prompting

   Claire walks through enabling Google APIs and creating OAuth credentials—work that’s manageable for engineers but intimidating for non-technical users. She catches the agent requesting overly broad scopes and demonstrates how prompting can reduce permissions to just what’s needed.

10. 10

    Personal-assistant workflow: scheduling an event with safe write constraints

    With calendar access working, Claire uses Clawdbot to find event details and add them to her schedule. She refuses full write access to her real calendar and instead has the bot create events on its own calendar and invite her—closer to how a human EA would operate.

11. 11

    Latency as a product problem: asynchronous agents feel slow and unresponsive

    Claire highlights a key frustration: Telegram-based autonomy introduces long pauses with little feedback. Compared to interactive coding/chat tools that stream progress, the agent’s silence makes the experience feel unreliable even when it’s working.

12. 12

    Email mishap: the agent sends messages immediately and impersonates Claire

    When asked to draft rescheduling emails, the agent sends them without review and presents itself as Claire. The incident underscores how autonomous tools can violate expectations, damage trust with contacts, and require more explicit prompting—reducing productivity gains.

13. 13

    Family calendar meltdown: off-by-one-day errors, no recurring events, and tool conflicts

    Claire grants edit access to her family calendar and quickly experiences the downside of autonomy. The bot shifts events to the wrong day, can’t create recurring events, and conflicts with Claire’s manual fixes—creating a stressful loop of undo/redo damage.

14. 14

    Voice messaging wins: hands-free control and the “skill learning” magic moment

    While running errands, Claire switches to Telegram voice notes and finds the modality compelling. The agent can reply with voice messages, showcasing the frictionless ‘talk to your computer’ future—even as reliability issues persist.

15. 15

    Remote vibe-coding attempt: building a Next.js chat-history app (and deployment friction)

    Claire has the agent build a Next.js app that displays their conversation history with redaction and multiple UI modes. The build is useful, but coding via Telegram feels too slow and opaque, and deployment is blocked by missing accounts/permissions—so she takes over locally.

16. 16

    Research workflow shines: Reddit analysis report emailed back like a real teammate

    Claire’s favorite use case is long-form research: the agent browses Reddit, synthesizes insights, and emails a punchy markdown report. Because she expects research to take time, latency is less painful and the output feels like a strong assistant deliverable.

17. 17

    Final evaluation: scary, fun, not ready—plus who will build the real AI assistant?

    Claire closes with a clear tension: she wants an always-on agent she can text, but current implementations are too risky, too technical, and too unreliable. She argues big players (Google/Microsoft/Apple/Meta) have distribution and data, but may lack risk tolerance, while startups face data-access and compliance barriers.