> Did I say my Claw (not Open) doesn't have internet access?

> My email filtering system surfaces only the mails that are relevant right now - I can check the rest later.

So then you have not actually addressed the concerns expressed in my post. You indeed have an LLM with both email access and Internet access. Exactly the scenario I described. The amount of trouble those two accesses together can cause is huge.

> None of these require an LLM to have free rein to modify things for me.

Give me read access to your email and an Internet connection and I bet I can come up with all sorts of ways to modify things for you. So can an LLM. If your lucky it won't.

So what do you do with your OpenClaw instance that has read-only access to your email and no Internet access?

Like what?

Ignoring that you've just cut off a whole vector of usefulness, how do I keep it from exfilling my inbox to the Internet in response to a malicious email? Or using its access to take control of my online accounts?

Honest question, this kind of stuff is what keeps me from using it.

What I find crazy is the sheer amount of access and trust involved in these LLMs. Every time I think about something I might like to do with it, I think about the amount of damage the LLM could do, e.x. even with read only access to my email combined with Internet access, and nope out. It's wild to me anyone trusts these things unsupervised.