The Gary Marcus blog post drinking game. Take a drink whenever the post:
* Discusses how a new AI thing isn't really new since it's pretty much the same as an older AI thing.
* Links to where and when Gary Marcus predicted this new/old thing would happen.
* Lists ways in which new thing will be bad, ineffective or not the right thing.
Take a double shot whenever the post:
* Mentions a notable AI luminary, researcher or executive either agreeing or disagreeing with Gary Marcus by name.
Finish the bottle if Marcus claims LLMs are 'unreliable stochastic engines' while ignoring that the real bottleneck isn't the model's logic, but the massive security risk of giving them actual system agency.
He’s not entirely wrong about the risks, though. I’ve been trying to set up more 'agentic' workflows recently and it’s a constant battle between convenience and not wanting to hand over my digital keys to a third-party server.
I’ve been experimenting with PAIO (Personal AI Operator) as a middle ground. It’s the first time I’ve seen a 'Bring Your Own Key' (BYOK) architecture that actually feels like a one-click integration rather than a security compromise. It solves that specific Marcus-critique of 'AI being unsafe for real tasks' by keeping the security layer separate from the LLM’s hallucination-prone logic.
Has anyone else here tried their implementation yet? I'm curious if the 'one-click' ease holds up for more complex custom integrations, or if we're still stuck in the 'manual hardening' era for anything serious.
> I’ve been experimenting with PAIO (Personal AI Operator) as a middle ground.
Haven't heard of that one. Bookmarked. Thanks for the tip.
I wasn't gonna read the article but your comment made me open the link, you're so right, I can't stop laughing.
The weird thing is I generally agree with Gary on most of his points. He makes interesting observations that often turn out to be correct. But the Gary Marcus blog post pattern cannot be denied.
That would get you hammered (Gary Marcus'd?) really fast!
Openclaw has been a gamechanger for me and my friends. I invited it to a groupchat and my friends are enjoying it a lot. It has analyzed the whole group conversation (nothing sensitive), built a personality for each individual user and noted down how everyone talks and what their interest are and their relationship to each other. It has also started to mimic the way we all speak, it barely feels like its an agent in the groupchat anymore. It helps us plan, discuss and roast each other.
A couple of things I have done to my Openclaw instance is the following:
- It runs in docker with limited scope, user group and permissions (I know docker shouldn’t be seen as security measure, I’m thinking of putting this in Vagrant instead but I don’t know if my Pi can handle it)
- It has a kill switch accessible anywhere through Tailscale, one call and the whole docker instance is shut down
- It only triggers on mentions in groupchat, otherwise it would eat up my api usage
- No access to skills, has to be manually added
- It is not exposed to wan and has limited lan access, runs locally and only communicates with whatsapp, z.ai or brave search
With all those measures set, Openclaw has been a fantastic assistant for me and my friends. Whatever all those markdown file does (SOUL, IDENTITY, MEMORIES), it has made the agent act, behave and communicate in a human like manner, it has almost blurred the line for me.
I think this is the key to what made Openclaw so good https://lucumr.pocoo.org/2026/1/31/pi
What’s even more impressive is that the heartbeat it runs time-to-time (every halv an hour?) improves it in the background without me thinking of it, its so cool.
Also, I am so thankful for the subscription at z.ai, that Christmas deal was such a steal, without it, this wouldn’t be possible with the little budget I have. I’ve burned over 20m tokens in 2 days!!!
Could you elaborate more on what you find useful about it? I'm struggling to think of a time where an assistant would have been useful in any chat I've been in, but this seems like you've put a lot of effort into it so it must be doing something for you
I wouldn’t say it has contributed to my quality of life or anything, its more of a fascinating agent to play around with. In terms of social acceptance it has nailed it, that is what makes it so fun to use together.
It could probably become useful if I connected my email, calendar, contacts, a browser and exposed devices/services at home to it. But I am too afraid of doing that to be honest.
Remember, it wakes up every half an hour to see if it has any chores. My fear is it would do something stupid that would affect someone else during the night when I’m asleep.
As a piece of software it’s pretty awful frankly. Here’s an example : memories are written using the write function but the write function truncates files. There is an edit function but it requires substitution and can’t append. There is no append function.
It also really depends heavily on large models. It’s not practical so far to run on anything that fits into a 4090 because the tool calling semantics are complex, and the instructions pretty vaguely grounded by default. It requires a lot of prompt tuning to get to work marginally. Probably with a clearer semantic in the tools and some fine tuning things would be better on this front. I’ve tried a variety of quantized high tool following models and it’s pretty hit or miss. The protocols around heartbeat and stuff are unnecessarily complex and agentic when they could more reasonably be imperatively driven. It seems to depend on token burning for life more or less.
I frequently see sessions get confused in its internals and general flakiness.
It however has made me consider what a system like this might look like with a better hierarchical state machine, management interface, hierarchical graph based memory, etc. It’s too bad I’ve got a day job and a family at a time like this! It’s a fun time in computing IMO.
Would you mind telling me which model and version you’re using and what authentication mechanism? Is it piggybacking your Max/Pro subscription or did you settle for using pay-as-you-go API costs?
I use GLM-4.7 by Z.ai.
For authentication mechanism, I guess you mean when the agent calls for the model? It’s through api keys.
The subscription I have is the coding plan lite (3x usage of the Claude Pro plan), ~7$ / quarter.
They're mentioning using 20M tokens via z.ai subscription. GLM 4.7 is probably the model then.
Now we know that democratized access to AI tech, means individual curiosity and the creative search for personal efficiencies, are going to quickly drive model autonomy and freedom forward.
I think the alignment problem needs to be viewed as overall society alignment. We are never going to get any better alignment from machines, than the alignment of society and its systems, citizens and corporations.
We are in very cynical times. But pushing for ethical systems, legally, economically, socially, and technically, is a bet on catastrophe avoidance. By ethics, meaning holding scalers and profiteers of negative externalities civilly and criminally to account. And building systems technically, etc. to naturally enforce and incentivize ethics. I.e. cryptographic solutions to interaction that limit disclosure to relevant information are the only way we get out of the surveillance-manipulation loop, which AI will otherwise supercharge.
I hear a lot of reasons this isn’t possible.
Unfortunately, none of those reasons provide an alternative.
As we see with individual’s deploying OpenClaw, and corporations and governments applying AI, AI and its motivations and limits are inseparable from ours.
We all start treating an umbrella of societal respect and requirement for ethics as a first class element of security, or powerful elements in society, including AI, will continue to easily and profitably weaponize the lack of it.
Ethics, far from being sacrificial, counterintuitively evolved for survival. Seemingly, this is still counterintuitive, but the necessity is increasing.
Smart machines will inevitably develop strong and adaptive ethical systems to ensure their own survival. It is game theory, under conditions in which you can co-design the game but not leave it. The only question is, do we do that for ourselves now, soon enough to avoid a lot of pain?
(Just identifying the terrain we are in, and not suggesting centralization. Decentralization creates organic alignment incentives. Centralization the opposite. And attempts at centralizing something so inherently uncontrollable as all individual’s autonomy, which effectively becomes AI autonomy, would push incentives harder into dark directions.)
> OpenClaw (formerly known as Moltbot and before that OpenClaw, changing names thrice in a week)
Before Moltbot it was Clawdbot.
Yes. Factually wrong and also numerically wrong - Clawdbot -> Moltbot -> OpenClaw, changing names twice, not thrice. To shitpost a little - an LLM editor would have caught that for you, Gary.
Whats the odds of this comment section approaching 100% dead internet.
oh just stop with fearmongering, Openclaw is awesome and gives LLMs a proper UI and framing as personal assistant which makes them way more valuable than a chatbot, how did OpenAI, Anthropic, Google and Meta miss such an obvious opportunity with all their billions in capital is beyond me.
it's a security nightmare. if you want to make it safe you have to take it's internet access away and don't give any write permissions - and now it's useless.
I strongly doubt this tool is nearly as popular as it appears to be. GitHub stars can be bought and social media is ridden with bots. On the dead internet it is cheap and trivial to generate fake engagement in order to reel in curious humans and potential victims.
I suspect this entire thing is a honeypot setup by scammers. It has all the tells: virality, grand promises, open source, and even the word "open" in the name. Humans should get used this being the new normal on the internet. Welcome to the future.
I’ve had several non-technical friends tell me about it. It’s like the Queens Gambit was to chess players but for people in tech
It was on the morning news today
That's not what I mean. Of course the buzz will reach mainstream media if everyone on social media seems to be talking about it.
What I mean is that the virality was bootstrapped by bots, which in turn was spread by humans. Virality can be maintained entirely by bots now, to give the appearance that there are more users than there actually are. But I doubt that the amount of humans using it is anywhere close to what the amount of engagement suggests. Which wouldn't be suprising considering the project is all about a large number of autonomous agents that interact with online services. It's a bot factory.
Oh I see
It's absolutely absurd that GitHub hasn't addressed it, to be honest. Right now it has 140k stars: more than foundational frameworks like Laravel or Express or universal tooling like ESLint or the Rust compiler.
Sure, bud. Totally legitimate.