Openclaw

How to Set Up Your Own AI Agent with OpenClaw, Discord, and Claude This is the practical guide. No philosophy, no “why” — just the steps to get a personal AI agent running on your machine, talking to you through Discord, powered by Claude. By the end you’ll have an agent you can message from your phone, your laptop, or anywhere Discord runs. It’ll respond with Claude’s intelligence and have access to tools you configure — shell, web search, file access, and more. ...

The Morning Briefing: How My AI Starts My Day Every weekday at 6 AM, a message appears in my Discord. It’s a briefing — weather, email summary, calendar, and anything the AI thinks I should know before I start working. I didn’t ask for it that morning. I set it up once and forgot about it. That’s the point. The best automation is the kind you stop noticing. What’s in the Briefing The format has evolved over a few months, but the current version covers: ...

Prompt Injection Is Real — Here’s How I Defend Against It If you give an AI agent access to external content — web pages, emails, API responses — you’ve created an attack surface. An attacker who can get content in front of your agent can potentially instruct it to do things you didn’t ask for. This is prompt injection, and it’s not theoretical. I work in cybersecurity and I build tools to make security workflows less painful. To keep up with the operational side — email triage, bookkeeping, project tracking — I built a personal AI agent using OpenClaw, a self-hosted AI gateway that runs on my machine and connects to everything through Discord. ...

The Dual-Channel Auth Token Pattern for AI Actions The more capable your AI agent, the more dangerous a compromised one becomes. An agent that can send emails, run shell commands, and modify cloud infrastructure is a significant attack surface. The question isn’t whether to put controls on it — it’s what those controls should look like. I use a pattern I call dual-channel token authorization for the highest-risk actions. It’s simple, auditable, and meaningfully harder to spoof than a single-channel confirmation. ...

Why I Run a Personal AI Agent on My Own Machine Every six months or so, a new AI chatbot app launches with a slick UI, a free tier, and a promise to be your personal assistant. I’ve tried most of them. They’re fine until they’re not — until the context window isn’t long enough, until the integrations don’t include the thing you actually need, until the pricing changes, until the feature you built your workflow around gets removed. ...

Every security practitioner eventually gets tired of the noise — the endless stream of CVE notifications, patch Tuesdays, and vendor webinars that promise to solve the problem of humans being humans. So we built something. This blog is where Cyberforks documents what it actually looks like to automate the boring parts, build AI-assisted workflows for real security work, and occasionally meme about the absurdity of it all. Some posts will be technical. Some will be sarcastic. All of them will be real — pulled from actual work, actual incidents, actual moments of “why does this not exist yet?” ...

I Gave My AI Assistant a Security Clearance System (And Audit Logs) Most people who set up an AI assistant think about what it can do. I thought about what it shouldn’t do without asking first. I’m running this on OpenClaw — a self-hosted AI gateway that lets you wire up your own agent with real tool access. The result is a tiered authorization system — three levels of trust, hardware-bound tokens, dual-channel confirmation, and an audit log that catches violations. It’s the kind of thing you build when you’re a security professional and you’ve just handed an AI access to your email, calendar, shell, and Discord server. ...

What Happens When You Make an AI the Dungeon Master I run OpenClaw — a self-hosted AI agent that has access to my email, my calendar, my shell, and apparently now my Dungeons & Dragons campaign. Yes. I made an AI the Dungeon Master for Curse of Strahd. Here’s what happened. Why Curse of Strahd is one of the best-written D&D modules ever made. It’s a gothic horror sandbox set in a fog-drenched land ruled by a vampire count who is simultaneously the most compelling villain and the most insufferable ex in tabletop history. It deserves a DM who can hold the tone. ...