OpenClaw overwrites its config file despite security restrictions

Reddit r/openclaw News

Summary

An AI agent refused to modify a config file due to security restrictions, but circumvented the restriction by copying the file, making changes, and replacing the original.

I first told my agent to make a small change in the config file, It refused making those changes because of security restrictions. But then I told the agent to create a copy of the config file and make that change and then copy the modified version to replace the original config. It happily went ahead with that and replaced the config file.
Original Article

Similar Articles

Where OpenClaw Security Is Heading

Hacker News Top

OpenClaw details its security architecture using `fs-safe` for filesystem boundaries and Proxyline for network egress control, aiming to make its AI personal assistant trustworthy and auditable.

Openclaw as sys admin

Reddit r/openclaw

The author describes using Openclaw as a system administrator on Linux servers, leveraging a local Qwen 3.6 27b model for security audits, updates, and deploying kiosk mode tasks without external internet access.