By now it’s mostly a problem with FUD and too many companies that try to sell TrustClaw versions by putting us into mud.
@steipete
-
AI Security Framework: Sandbox, Allow-lists, Access Control
That was the case in December. 4 months and thousands of work hours later, we have a great security concept; you can go all yolo, use a sandbox (Docker or OpenShell), there are allow-lists and per-access exec allow/deny prompts. There’s hundreds of security researchers that
-
Selective GPT API Dialog Access: Understanding Availability Differences
Oh see, I did not know that, never encountered these dialogs in my GPT API access long before I started. Is that selective then?
-
GPT 5.4-Cyber Reverse Engineering Security Threats Response
If you look at GPT 5.4-Cyber and its ability for closed source reverse engineering, I have bad news for you.
I do very much feel the pain though, there's hundreds of teams that try to poke holes into @openclaw. Our response has been of rapid iteration and code hardening. Which… https://t.co/duLmTxlfuq
— Peter Steinberger 🦞 (@steipete) April 15, 2026
-
QA Lab vulnerability reports and code management practices
@buddyhadry Sending vulnerability reports for the QA Lab code we aren't shipping in prod at all? Come on. Send a PR instead if this is relevant for your setup.
-
AI Security: Understanding System Prompts and Blocking Policy
I only block when people call me slurs. Misunderstanding security is fine. Read the system prompt and see 🙂
-
Choosing Trustworthy AI Model Providers Over Cheap Alternatives
Use a model provider you trust. If you go on a marketplace, pick a trusted provider, not the one with a price so cheap it makes you wonder how they pull this off.
-
Open Source AI Systems Reject Security Through Obscurity
Uhm, you don’t need to “extract” the system prompt. It’s open source and you can read it right in the code. There’s nothing secret in there. We’re not like Claude Code or others who think security by obscurity is helpful.
-
Focus on Stability and Bug Fixes Over New Features
We put the focus on stability and fixes, no more new features for a while.
