Posts

How to Set Up Your Own AI Agent with OpenClaw, Discord, and Claude This is the practical guide. No philosophy, no “why” — just the steps to get a personal AI agent running on your machine, talking to you through Discord, powered by Claude. By the end you’ll have an agent you can message from your phone, your laptop, or anywhere Discord runs. It’ll respond with Claude’s intelligence and have access to tools you configure — shell, web search, file access, and more. ...

The Morning Briefing: How My AI Starts My Day Every weekday at 6 AM, a message appears in my Discord. It’s a briefing — weather, email summary, calendar, and anything the AI thinks I should know before I start working. I didn’t ask for it that morning. I set it up once and forgot about it. That’s the point. The best automation is the kind you stop noticing. What’s in the Briefing The format has evolved over a few months, but the current version covers: ...

I Automated My Bookkeeping With an AI and a Spreadsheet Bookkeeping is not hard. It’s just tedious in a way that compounds if you ignore it. An email comes in — a receipt, a bill, an invoice. You file it later. Later becomes a month. A month becomes tax season. Tax season becomes suffering. I got tired of the suffering. So I automated it. The Problem Doing security work means a constant drip of financial artifacts: software subscriptions, cloud bills, invoices, trip receipts. Each one needs to be: ...

Prompt Injection Is Real — Here’s How I Defend Against It If you give an AI agent access to external content — web pages, emails, API responses — you’ve created an attack surface. An attacker who can get content in front of your agent can potentially instruct it to do things you didn’t ask for. This is prompt injection, and it’s not theoretical. I work in cybersecurity and I build tools to make security workflows less painful. To keep up with the operational side — email triage, bookkeeping, project tracking — I built a personal AI agent using OpenClaw, a self-hosted AI gateway that runs on my machine and connects to everything through Discord. ...

The Dual-Channel Auth Token Pattern for AI Actions The more capable your AI agent, the more dangerous a compromised one becomes. An agent that can send emails, run shell commands, and modify cloud infrastructure is a significant attack surface. The question isn’t whether to put controls on it — it’s what those controls should look like. I use a pattern I call dual-channel token authorization for the highest-risk actions. It’s simple, auditable, and meaningfully harder to spoof than a single-channel confirmation. ...

Why I Run a Personal AI Agent on My Own Machine Every six months or so, a new AI chatbot app launches with a slick UI, a free tier, and a promise to be your personal assistant. I’ve tried most of them. They’re fine until they’re not — until the context window isn’t long enough, until the integrations don’t include the thing you actually need, until the pricing changes, until the feature you built your workflow around gets removed. ...

Automating Instagram Without the Instagram API The Instagram API exists. I would not recommend it. To post a single photo programmatically, Meta requires: a Facebook Page, a connected Instagram Business account, a developer app, an approved instagram_content_publish permission, and an access token that expires. Miss any one of those and you get a 400 error with a reference code that links to documentation last updated in 2021. We needed to automate social posting for Cyberforks. We spent two hours on the API path before deciding life is short and browsers are programmable. ...

Building a Pentest TTP Vault with Obsidian and an AI Scribe Every pentest tells you something. Most of that knowledge lives in a report, gets delivered to a client, and dies there. The next engagement starts from scratch. I got tired of that. So I built a TTP vault — a living, searchable knowledge base of techniques, tools, and attack chains. Here’s the architecture. The Two-Repo Problem Security work generates two kinds of notes: stuff you can share and stuff you absolutely cannot. ...

Every security practitioner eventually gets tired of the noise — the endless stream of CVE notifications, patch Tuesdays, and vendor webinars that promise to solve the problem of humans being humans. So we built something. This blog is where Cyberforks documents what it actually looks like to automate the boring parts, build AI-assisted workflows for real security work, and occasionally meme about the absurdity of it all. Some posts will be technical. Some will be sarcastic. All of them will be real — pulled from actual work, actual incidents, actual moments of “why does this not exist yet?” ...

I Gave My AI Assistant a Security Clearance System (And Audit Logs) Most people who set up an AI assistant think about what it can do. I thought about what it shouldn’t do without asking first. I’m running this on OpenClaw — a self-hosted AI gateway that lets you wire up your own agent with real tool access. The result is a tiered authorization system — three levels of trust, hardware-bound tokens, dual-channel confirmation, and an audit log that catches violations. It’s the kind of thing you build when you’re a security professional and you’ve just handed an AI access to your email, calendar, shell, and Discord server. ...