Hey guys, I just published a detailed documentation on how I deployed and secured my instance of OpenClaw/Moltbot/Clawdbot, feel free to take a look at : https://opclwsec.patchoutech.com/ There is also a link to a shared NotebookLM Notebook in there so you can question the docs and look at the video and audio overviews. Let me know what you think, I kinda like this mode of publication over traditional "blog post"

VIEW RECORDING - 139 mins (No highlights) Meeting Purpose A coaching call for AI developers to share progress, discuss challenges, and exchange best practices. Key Takeaways - Secure AI Agents: Treat agents like coworkers with separate identities (email, GitHub) and use GitHub as a mandatory PR-based approval pipeline for all agent work, including code and documentation. - Iterate with AI, Deploy with Code: Use AI agents to rapidly prototype and validate processes. Once a workflow is deterministic, convert it to a script (e.g., JavaScript) for faster execution and lower token costs. - "Software on Demand" is the New Default: Build custom tools to replace SaaS subscriptions, even for small costs. This creates perfectly tailored, single-user software that eliminates vendor lock-in. - Navigate Corporate AI with Governance: In regulated industries like banking, prioritize governance (e.g., SOC 2), align projects with leadership's success metrics, and provide free services to security teams to build rapport. Topics Project Updates & Demos - Frank Labs (Ty): An AI team that augments business functions (SDR, support, finance) using a hybrid model: Local: Mistral 7B on an EC2 instance. API: GPT-4O for core functions. RAG: Provides business-specific context. Guardrails: A "council" of independent agents (security, prompt injection) self-checks outputs, inspired by the "five thinking hats" method. Lead Gen Stack: Perplexity, Hunter, Apollo, and Clay (for ICP grounding). - Worksheet Automation (Morgan): Process: Markdown → HTML → PDF. Method: Prototyped with Claude Skills, then converted to a JavaScript app. Result: Execution time reduced from 30–90s (skills) to ~3s (script). - CSV to Static Site (Mitch): Goal: Enable non-technical team members to generate static HTML sites from CSV data. Proposed Solution: A Claude Skill that calls a deterministic JavaScript function, deployed via Claude's Codex tool. - OpenClaw Security Framework (Patrick): Core Principle: Treat the agent as a coworker with a separate identity. Identity Isolation: Dedicated Gmail, calendar, and GitHub accounts. GitHub PRs are the mandatory approval pipeline for all work. Access Control: Web UI is disabled; access is via SSH tunnel only. Primary interaction is via Telegram. Memory Externalization: All decisions are logged to an Obsidian Vault, synced via GitHub, for full auditability. Tech Stack: Ubuntu 24.04 VM on Proxmox; Claude Code is used as a tool for coding tasks. - AI Developer Friction (Juan): Challenge: New agentic workflows create friction with traditional development teams. Solution: Consultants can introduce these methods as outside experts, bypassing internal resistance.

📞 HOW THE CALLS WORK The calls can run 2+ hours. We want to make sure we're respecting everyone's time. Especially those of you who actually show up. Here's the structure: 👉 Reply to this post with your questions before the call 👉 If you submit a question and you're on the call, you go first 👉 We work through questions in the order they came in 👉 Then we open it up for everyone else If you can't make the call but want your question answered, drop it in the comments. We'll get to it. But priority goes to people who are there. The goal is simple: if you're taking the time to show up, you shouldn't have to wait behind questions from people who aren't even on the call. 🔗 ZOOM LINK (save this) https://us06web.zoom.us/j/81995207847?pwd=Xe6u6LmIQOmCP5VTnOwWYjDBfZNKGB.1 📅 WHEN This is for Tuesdays February 3rd at 6PM ET Looking forward to seeing you on the calls!

Took the plunge and deployed it on my own AWS infrastructure. For those who've been curious but haven't pulled the trigger yet - it's real and it works. My setup: - Isolated VPC with private subnet (no public IP) - Access via Telegram only - Zero exposed ports - SSM for admin - Encrypted storage, locked-down permissions First conversation hit and Claude responded through Telegram. Wild feeling having an agent just... waiting for me. Security was my main hesitation. Solved it by putting everything behind NAT with no inbound routes. The agent can reach out (APIs, Telegram) but nothing can reach in. If you're on the fence - the infrastructure side is more approachable than it looks. Happy to compare notes with anyone else who's deployed.

Quick workflow I stumbled into that's been surprisingly useful. Instead of manually analyzing a platform or community, I have Claude Code do it: • Navigate to the target site • Screenshot key pages • Analyze content patterns • Report back structured findings Did this for this Skool community yesterday. In about 10 minutes I had: • Community size and activity levels • All the content categories • Which post formats get engagement • Platform-specific formatting quirks (like code blocks not rendering) • Tone patterns from high-performing posts The browser automation caught things I would have missed. Like discovering the platform doesn't render markdown properly — would have built the wrong thing without that insight. The prompt pattern is simple: "Navigate to [URL], analyze the content structure and engagement patterns, tell me what resonates with this audience." Works for competitor analysis, community research, content strategy — anywhere you need to understand what actually works vs what you assume works. Anyone else using Claude's browser tools for research like this?