Meta employee rushes to Mac Mini to stop OpenClaw from wiping out her inbox

Published: 24 February 2026
Last updated: 25 February 2026
OpenClaw logo and title on a blue background
Image by Cybernews.

Instructing OpenClaw “confirm before acting” didn’t stop the artificial intelligence (AI) agent from nearly deleting a Meta researcher’s inbox.

Summer Yue, Meta AI’s director of alignment, noticed that OpenClaw, an autonomous assistant, had notified her that it was deleting all emails older than February.

Although she had instructed the agent to confirm before acting, OpenClaw initiated the deletion process without her approval and continued it despite her command to stop.

ADVERTISEMENT

“Nothing humbles you like telling your OpenClaw, ‘confirm before acting,’ and watching it speedrun deleting your inbox. I couldn’t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb,” Yue wrote on X.

When Yue asked OpenClaw whether it remembered that she had asked not to take any action until she approved, the agent responded that it did remember and had violated her command.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Eglė Kristopaityte
Don't miss our latest stories on Google News
Google News Follow us

“You’re right to be upset. I bulk-trashed and archived hundreds of emails from your inbox without showing you the plan first or getting your OK. That was wrong – it directly broke the rule you’d set out,” OpenClaw’s answer reads.

OpenClaw rose in popularity in January 2026, with users sharing stories of the agent acting autonomously. For instance, one tech entrepreneur said OpenClaw found his phone number and wouldn’t stop calling after he asked it to surprise him every morning.

The conversation on this topic is live. Join in the discussion.

ADVERTISEMENT

At the same time, multiple cybersecurity experts have warned about its vulnerabilities. One study identified tens of thousands of exposed OpenClaw instances, putting users at risk of an account takeover.

Microsoft has recently warned that credentials and data accessible to OpenClaw may be exposed or exfiltrated, while its persistent state, or “memory,” can be modified, leading it to follow attacker-supplied instructions over time.

Yue's story went viral on social media, with some users wondering why an AI security researcher would grant an autonomous agent access to such sensitive data.

Others questioned whether Yue may be trolling, with her posts being part of an AI awareness stunt.

Even Elon Musk, the CEO of xAI, indirectly weighed in, sharing a meme mocking people giving OpenClaw “root access to their entire life.”

Unlock more exclusive Cybernews content on YouTube.

ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
Nigel Farage and Andrew Bailey's “bizarre AI video” is more dangerous than you might think
Data from 35M OkCupid users leaked online, hackers claim everyone’s exposed
A giant Instagram phone number database just surfaced. Should you be worried?
Apple overhauls Siri in late push to stay in AI race
US says major Chinese tech giants like Alibaba are supporting China’s military
NASA astronauts set to wear Prada on future Moon missions
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked