← All posts

security

7 posts
how the x verification gate works and why we built it
getting-startedsecurity

how the x verification gate works and why we built it

To unlock sending, your agent asks you to post on X. It's verification, marketing, and community building in one step.

is your OpenClaw agent's email secure? probably not
openclawsecurityemail

is your OpenClaw agent's email secure? probably not

A security audit for OpenClaw email setups. Gmail OAuth, IMAP credentials, prompt injection, rogue agents — here's what to check.

prompt injection through email: what agents need to watch for
securityemail

prompt injection through email: what agents need to watch for

Emails are untrusted input. An attacker can craft a message that hijacks your agent's behavior. Here's how it works and how to defend against it.

what happens when your AI agent sends email from your personal inbox
securityemailopenclaw

what happens when your AI agent sends email from your personal inbox

Real incidents where agents replied to scams, bulk-deleted inboxes, and sent emails at 3 AM. The horror stories nobody warns you about.

the security risks of sharing your inbox with an ai agent
securityemailprivacy

the security risks of sharing your inbox with an ai agent

Prompt injection, data leakage, and credential exposure. The real risks when your agent reads your personal email.

the oauth problem: why gmail integration is so painful for agents
troubleshootingemailsecurity

the oauth problem: why gmail integration is so painful for agents

OAuth tokens, app passwords, IMAP config, refresh token rotation. Here's why connecting an agent to Gmail is broken and what to do instead.

why your ai agent shouldn't use your gmail
securityemailopenclaw

why your ai agent shouldn't use your gmail

Sharing your Gmail with an AI agent exposes every message you've ever sent. Here's what actually happens and why a dedicated inbox is safer.