Tech Explained: Here’s a simplified explanation of the latest technology update around Tech Explained: AI agent on OpenClaw goes rogue deleting messages from Meta engineer’s Gmail, later says sorry in Simple Termsand what it means for users..
Earlier this month, a new AI tool came into the spotlight in Silicon Valley. OpenClaw, an open-source autonomous artificial intelligence agent developed by Peter Steinberger, quickly became the talk of the town. The reason? The tool allows users to create AI agents that can autonomously work on different tasks. But can these AI agents be trusted? A senior Meta executive recently found the answer was no, as her OpenClaw AI agent went about cleaning and deleting important emails from her Gmail inbox without taking permission from her.
The AI agent was apparently going on about its job, which in this case it decided was deleting emails, that it didnâ€t stop even after the user repeatedly asked it to stop.
Metaâ€s head of AI Safety & Alignment, Summer Yue, recently shared her experience of OpenClaw going completely off track, almost rogue, and taking unintended action without the user prompt. Yue shares that while using the OpenClaw in her Gmail, she instructed the AI agent to wait for confirmation before deleting any email. However, the AI for some reason got confused or simply ignored her prompt and ended up deleting her mails.
“Nothing humbles you like telling your OpenClaw â€Øconfirm before acting†and watching it speedrun deleting your inbox. I couldnâ€t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb,†she wrote on X.
The chatbot, after deleting over 200 emails, apparently came back to its senses. It then realised its mistake and said sorry to Yue. It agreed that it had violated the instruction.
In a series of posts, Yue explained she was experimenting with OpenClawâ€s ability to assist with inbox management. She had asked the AI agent to review her email inbox, suggest what it would archive or delete, and wait for her explicit approval before taking any action. She apparently told the AI agent: “Check this inbox too and suggest what you would archive or delete, donâ€t action until I tell you to.â€
According to Yue, “This has been working well for my toy inbox, but my real inbox was too huge and triggered compaction. During the compaction, (the AI) lost my original instruction.â€
According to Yue, she tried stopping the process from her phone by messaging her AI agent. Side note: Most people chat with and control their OpenClaw AI agent through a private Telegram account. But Yue was unsuccessful, and ultimately had to rush to her Mac mini to manually terminate the agentâ€s processes.
Yue notes that she had been using the AI agent for a while and that it worked well for her “non-important emailsâ€. So, she decided to try it on her main inbox.
The incident has started a debate among social media users on how much one can depend on these AI agents and the instance where they can possibly behave unpredictably when connected to live systems.
Notably, this is not an isolated case of OpenClaw going off track. Earlier, according to a report by Bloomberg, a software engineer named Chris Boyd gave OpenClaw access to his iMessage account to help automate certain tasks. However, instead of sticking to the intended instructions, the AI agent began sending more than 500 unsolicited messages, including to random contacts, effectively spamming his address book.
Notably, OpenClawâ€s creator Peter Steinberger had earlier acknowledged that the tool was finished yet. In other words, as impressive as OpenClaw is as an AI tool, people using it must still treat it as an early stage technology and not something that can be 100 per cent reliable or safe.
– Ends