Has anyone integrated OpenClaw with Devonthink? Specifically, OpenClaw running on a virtual private server (e.g. Amazon Web Services) and not locally?
Not that we are aware nor is it officially supported.
I have been thinking of doing this but with a huge degree of caution given the privacy risks with OpenClaw.
My plan is:
(1) Create a new Mac user account, iCloud ID, and email account solely for OpenClaw
(2) Run OpenClaw in a Docker container within the OpenClaw Mac account
(3) This means that if I want to experiment with Devonthink I could do it by either giving OpenClaw access to Devonthink scripts that I write or access via the unofficial Devonthink API.
(4) This would be strictly for experimentation. Initially I would only use it as an advanced To Do/Reminder app. I may later give it the ability to research the web. Devonthink would be an interesting place for it to store its reports/logs but this would need to be in a database completely separate from my real work.
Bottom line - no chance I would connect OpenClaw with my “real” Devonthink database - nor any other real data for that matter. It’s a fascinating piece of software but clearly deserves exreme caution at present until ways to fence in its capabilities are better known.
What kind of workflow or automation do you have in mind?
What exactly do you want to achieve using OpenClaw?
Initially as I am learning about OpenClaw in a very controlled environment - it seems to me it may be very useful as an advanced Reminders / To Do app. The ability to email or text tasks in a very unstructured way and get real-time reminders via text message until I confirm I have done something seems really useful. These “To Do” tasks may also involve research on the web.
Example 1 - In the middle of a really busy day my wife emails me or texts me that my son’s basketball team is in the playoffs and there are 4 popup games over the coming week. I cannot miss those games but it will require reworking a lot of detalis of my schedule. It’s the sort of “boring” every day situation that’s really important in my life and requires a lot of detail to do without dropping the ball somewhere. It isn’t easlly/quick/yneatly done in any standard task manager or calendar but OpenClaw may be able to handle it well - including managing the details and repeat texts to me to be sure I follow up on those details.
Example 2 - I am driving home and my wife tells me some appliance in the house has broken beyond repair and we need to choose a new refrigerator / washing machine / etc tonight. I do a text (by voice recognition since I am driving) to OpenClaw “Research refrigerators with XYZ features available in stock in our town” and by the time I am home it has compiled a detailed report of features, cost, and availability and it texts me with the x-Devonthink link to the report it has uploaded to Devonthink for my review.
These are simple but really useful examples that a “smart assistant” could do but no current software easily/conveniently handles. In a future world where OpenClaw can confidently be set up with security guardrails the use cases would be dramatic if OpenClaw could have access to my personal files/accounts - but even the above examples would likely be very useful even in a very much locked-down security environment.
Maybe. In the best case it’s going to work as imagined, in the worst case all your reminders are a mess or completely gone or have been published on the web.
But a time-saver in these cases? Probably not (yet). Maybe some day if Apple should integrate such options so that users don’t have to worry about installing, configuring and security.
1 Like
That may well be true.
If nothing else I will get a sense of how well the technology works or does not work.
I have read some amazing blogs and Medium posts about OpenClaw being useful for this sort of thing. It might be hype - but the viral rise in its use reminds me of Cursor, which turned out to be the real deal and not overhyped.
I will report back either way.
I would to like make automation / scripting / organisation easier.
Does the unofficial API work with Devonthink 4?
Any examples, e.g. what kind of automation or organisation?
Yes it works well
If I were running an OpenClaw-type agent in a VM, I’d probably give it a user on a DEVONthink Server with scoped permissions. Many ways to approach this, though.
And still unsupported. Always bear that in mind.
1 Like
Agreed
But you support scripting - pretty strongly (which is a great ).
Scripting can lead to all sort of issues too.
OpenClaw versus scripting isn’t an appropriate comparison.
Scripting is officially supported and controlled by our application and its dictionary. While someone could mess things up with a poorly written script, it also would take plenty of effort to do so. It is a procedural process.
You are not controlling OpenClaw in the same way any more than you are truly controlling how LLMs respond. Have you not watched or read the reports of many issues that have arisen with it? Especially at this point in time, it’s a genie in a bottle, not a serf in some fifedom. Tell it “Hey, genie: I like big cities, fancy clothes, and I want to be super wealthy. That’s my wish!” and suddenly you’re Al Capone in the 1920’s.
PS: @et al: Our stance has nothing to do with being Luddites or wet blankets. It’s about data safety and privacy, being wise and cautious and circumspect. We don’t advocate people use tools this “invasive” (1) they don’t control and (2) that have the real possibility of jeopardizing both. Similarly, we don’t recommend messing about in the Terminal except using step-by-step methods we have proven our and know to be safe. (It’s also why we tell people to copy and paste commands to avoid mistyping. I once destroyed three years of documents in less than a minute due to a trailing slash and an arrogant exclusion of a --dry-run argument.)
So, if someone wants to explore these unsupported things, it’s their prerogative. But if they destroy all their data – or as @kewms rightly mentioned, leaks it all over the world – the responsibility lies with the individual. As is often said in the States, “You break it, you bought it.”
2 Likes
Actually, in the worst case everything on your computer has been published to the web. And the computer itself has been ransom-wared.
AI agents are insecure of necessity: in order to do what they do, they essentially require the kind of access you should never give to an untrusted application.
2 Likes
I totally agree with the security concerns. That’s why I noted my initial plan for OpenClaw to be isolated in a locked down Docker container in a separate Mac user account with very limited filesystem accss and with its own iCloud ID and its own email.
If you make a mistake with a script you can delete or modify entire files or more. That does not mean we should ignore scripting - it means it is important to not get too far ahead of your safe zone.
I am not sure if you have experimented with the unofficial Devonthink API (i.e. the MCP server). It is very well done in that it lists every tool lin its toolbox and lets you choose AI permissions among always allow, always ask, or never allow.
Thus for initial OpenClaw access to Devonthink, aside from not giving it access to any private databases, I could choose to give OpenClaw read-only access to Devonthink. Then later I could incrementally increase what tools it can use and observe how it responds.
How is this more risky than scripting - especially for those who run scripts from others without an understanding of how they work?
How does that happen when OpenClaw runs in a Docker container with very limited file system access, which itself runs in a Mac user account with very limtied file system access?
The most common attack vector at this time appears to be social engineering to persuade the user to give more permissions, possibly combined with deception about exactly what permissions are being granted.
There’s an inherent collision between “limited file access” and “useful for a wide range of tasks,” though. “OpenClaw, please update my calendar to reflect [change].” "I’m sorry, I don’t have permission to do that. Here’s how to change my access settings … "
2 Likes