I spent the weekend experimenting with Clawdbot, and I need to write this down while the impressions are fresh. I haven’t been excited about a shiny new thing in a while—I stayed up until 6am.
This isn’t another chatbot wrapper. This is what “digital worker” actually feels like when you give it teeth.
What Clawdbot Actually Is
Clawdbot is an open-source AI assistant that runs continuously on your PC and connects via Telegram, WhatsApp, or your favorite messaging app. Despite running on your PC, because it’s wired to your messaging app, you can access it on the go. Unlike traditional chatbots that exist in isolated sessions, it maintains persistent context and can execute multi-step tasks while you’re offline.
Think of it less like “assistant” and more like “agent with standing instructions and access to your infrastructure.”
My Setup: WSL2 on Windows
I’m running Clawdbot in WSL2 on Windows 11, configured with:
- GitHub Copilot for code generation and technical queries
- Work IQ for task management and context
- Local models (via Ollama or Hugging Face) - we’re not limited by anything: anything a human can do, so can an agent
- Image, audio, and video generation capabilities
- Telegram integration for mobile access
The setup genuinely took about 30 minutes. The documentation includes a step-by-step wizard, and most of it is copy-paste configuration. If you can edit a YAML file and run bash commands, you can set this up.
That said, to be truly proficient, you still need to be able to think like the agent and have a technical background to steer it correctly. It’s not magic—it’s a powerful tool that requires understanding to wield effectively.
What Makes It Feel Different
Persistence
Most AI tools reset context constantly. You’re always re-explaining background, re-establishing what you’re working on, re-iterating preferences.
Clawdbot builds context over time. It remembers past conversations, ongoing projects, your typical workflows. It’s the difference between hiring someone for an hour versus having a colleague who’s been on the team for months.
Real Actions
Here’s the thing: Clawdbot can do anything you can do. And probably more, since it can write code to do things you hadn’t thought of doing.
It’s essentially a remote desktop/shell + AI + messaging app frontend. It performs complex multi-turn planning, polls for results, writes code to interface with other systems, and executes that code.
The kicker? I didn’t need to write or connect it to MCP servers. It just writes the code to do the thing that an MCP server would do.
You can say “research these three topics and summarize the findings by morning,” close your laptop, and find the work done when you wake up.
Open Source
The community is already extending this in wild directions. Custom integrations, new capabilities, domain-specific configurations—it’s moving fast because people can actually modify the code and share improvements.
This matters more than I initially thought. When something breaks or doesn’t work for your use case, you’re not waiting for a vendor roadmap. You can fix it or find someone who already has.
The Security Problem Nobody’s Talking About
Here’s what the viral posts gloss over: the security model is terrifying if you get it wrong.
You’re giving an agent:
- Access to your email and calendar
- Read/write permissions on files and documents
- API keys to various services
- The ability to take actions on your behalf
In my testing environment, I’m being extremely cautious:
- Separate accounts for testing vs. production work
- Restricted API scopes wherever possible
- Monitoring every action the agent takes
- Regular review of what data it’s accessing
But I can already imagine scenarios where someone sets this up with full permissions on their primary accounts and gives the agent access to sensitive data without understanding the implications.
This isn’t a hypothetical concern. One misconfigured integration could expose confidential information. One buggy plugin could send unintended emails. One compromised dependency could leak credentials.
The power and the risk scale together.
What I’m Watching
I’m not testing Clawdbot as a platform engineer or someone evaluating enterprise tools. I’m testing it as an AI practitioner living on the bleeding edge, trying to understand what’s possible when you give agents real autonomy.
I’ve now deployed Clawdbot on several instances distributed across multiple PCs. All these instances are on my Telegram as separate bots, constituting a fleet of digital workers. I haven’t yet gotten them to be able to talk to each other (Telegram limitation to prevent bot chat loops), but having multiple specialized agents is already proving powerful.
What I’m specifically watching for:
- Adoption patterns among non-engineers: When does the setup complexity become a genuine barrier?
- Community-built integrations: Which use cases emerge that the original designers didn’t anticipate?
- Security incidents: What goes wrong as people deploy this more widely?
- Workflow changes: How does persistent agent access change how people work day-to-day?
- Fleet coordination: How to orchestrate multiple agents working on related tasks
Early Observations
After just a weekend, a few things stand out:
The convenience is addictive. Once you have an agent that remembers context and can actually execute tasks, going back to manual workflows feels frustrating.
The cognitive overhead shifts. You’re not spending time doing the work; you’re spending time managing and reviewing what the agent did. This is a different skill.
Trust builds slowly. I’m still double-checking everything. That’s appropriate for now, but at some point the question becomes: at what threshold do you start trusting the agent’s judgment?
The setup wizard matters. Clawdbot’s documentation assumes technical comfort but not deep expertise. That’s the right balance for reaching beyond the hardcore developer audience.
The Bigger Picture
Clawdbot is one implementation of a pattern we’re going to see everywhere: persistent agents with API access to your tools and data.
The question isn’t whether this becomes mainstream—it’s how quickly and what safeguards emerge along the way.
For now, I’m treating this as a learning opportunity. I’ll keep pushing on the setup, testing edge cases, documenting what breaks, and sharing what I find.
If you’re experimenting with Clawdbot or similar tools, I’d love to hear about your setup and what you’re learning. Connect with me on LinkedIn to continue the conversation.
Getting Started
Native Windows support is still experimental, so I’m using WSL2:
- Set up WSL2 with plenty of VHDX space:
wsl --install - Install Homebrew and build essentials:
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" sudo apt-get update && sudo apt-get install build-essential - Install Clawdbot:
curl -fsSL https://clawd.bot/install.sh | bashThis will guide you through the setup wizard.
- Configure (if you need to adjust specific settings later):
clawdbot configureUse this command anytime you need to reconfigure specific bits, including how Clawdbot will access the chat model.
- Connect to Telegram:
- Talk to @BotFather on Telegram and use the
/newbotcommand - You’ll receive a token - configure it in the clawdbot CLI on your PC
- When you message the bot on Telegram, it will create a pairing request
- Approve the pairing in the CLI so the bot only talks to you:
clawdbot pairing telegram list # Get the pairing code clawdbot pairing approve telegram <CODE> - Similar instructions exist for other messaging apps
- Talk to @BotFather on Telegram and use the
- Start chatting - you’re ready to go!
Resources
- Clawdbot: https://clawd.bot
- Documentation: Step-by-step setup guide included with the project
- Community: Active discussions in the project’s Discord and GitHub issues
This is part of an ongoing series exploring what it’s like to work on the bleeding edge of agentic systems. I’ll be sharing more as I continue testing.