Claws are now a new layer on top of LLM agents

Original Article ↗ Hacker News Discussion ↗

What “claws” are

  • Described as “agents in a loop” or “cron-for-agents”: a persistent LLM-driven process with memory, scheduling, and messaging integration.
  • Typically runs on a separate machine, listens on chat channels (Signal/Telegram/WhatsApp/email), triggers on events or heartbeats, and calls tools (shell, browser, APIs).
  • Key distinction from a simple agent: it’s always-on, accumulates skills/scripts, and can act without explicit per-task prompting.

Perceived benefits and use cases

  • Automation of “annoying but not hard” tasks: email triage, unsubscribes, simple monitoring, content summaries, cron-like jobs.
  • Devops/sysadmin helper: configuring WLED lights, spinning up Proxmox VMs, setting up services (mailcow, analytics), running API monitoring and reporting.
  • Personal knowledge helpers: indexing a Calibre library, tying transcripts/notes into a personal knowledge base, summarizing communities or news.
  • Appeal framed as finally getting the computer to do glue work long promised by automation, without building brittle bespoke integrations.

Skepticism and limitations

  • Many don’t see concrete value beyond “ChatGPT + cron + webhooks”, or say n8n/Zapier/workflow engines already cover this deterministically.
  • Reports of OpenClaw being unreliable, expensive in tokens, “vibe-coded”, with confusing configs and high complexity.
  • Some tried it and reverted to simpler patterns: LLM-assisted scripting plus cron/systemd.

Security and privacy concerns

  • Repeatedly called a “5/5 security risk” and “lethal trifecta”: access to private data, exposure to untrusted content, ability to communicate externally.
  • Prompt injection and data exfiltration (e.g., leaking secrets via crafted URLs) seen as inevitable with current architectures.
  • Sandbox/VMs help only partially; once the agent has real accounts (email, bank, PayPal, iCloud), containment is largely illusory.
  • Corporate security people argue for strict guardrails and human-in-the-loop for privileged actions; others complain this slows innovation.

Local vs cloud and Mac mini debate

  • Most claws use cloud LLMs; local models are often deemed too slow/weak for large-context, high-throughput use.
  • Mac mini hype driven less by compute and more by: easy iMessage/Apple services access, always-on home-server role, unified memory for local models, and consumer-friendly setup.
  • Critics argue a cheap mini PC, Pi, or VPS is sufficient if you don’t need Apple integration.

DIY, alternatives, and naming

  • Many build their own minimal “claw-likes” in Rust/Go/TS, citing smaller attack surface and clearer control than OpenClaw’s large codebase.
  • Emerging alternatives: nanoclaw, zeroclaw, picoclaw, security-focused harnesses, and ultra-tiny loops with Claude/Codex CLIs.
  • “Claw” originated as a pun on “Claude”; some enjoy the lobster/cyberpunk resonance, others find it silly but expect it to stick due to memetic spread.