"DenchClaw finds your Chrome Profile and copies it fully into its own, so you won’t have to log in into all your websites again. DenchClaw sees what you see, does what you do."
The claw cesspool boldly thinks they are smart for just making all these things and probably thinks they came up with novel ideas, when everyone who has the slightest clue what is going on is petrified. Its clear these concepts are going to happen at one point, but we don't even have an answer how to do half of this safely. The worst part is that clawcels will use these for “outreach” and “content”
Question: Why do people want to do this with their mac mini? Can you not do all of this with a hosted VM instance? A mic mini makes it easier for people to set up? Everything still has to talk to data on the cloud right?
In terms of "[XYZ] for agents", I think CRM is a big one that people haven't talked about as much. It becomes super relevant as soon as people start using an agent for anything customer related.
And the design principals are already pretty well established (accounts, contacts, leads, opportunities, custom object model, stages, etc.). It just needs to be turned into a database boilerplate with a bunch of agent tools. Excited to try this out.
Everything is skills. In a file system. That is the future.
Responding to some HN comments, I understand the focus on Sales Automation and Outreach can be worrysome.
But for me personally, this is where I do all knowledge work. For me it acts like Cursor, Happenstance, News Aggregator, Fun games creator like Pacman (it has an App Store), I can import Notion into editable MD files, create reports and presentations, etc.
That's exactly the direction I took with Filestash (https://github.com/mickael-kerjean/filestash) where everything is treated as a filesystem with fine-grained control to handle authorisation, plus a virtual filesystem layer to create completely new filesystems that don't 1 to 1 map to reality.
The security concern people are raising is the right one, and I think it points to where the real value should sit in this stack.
One commenter said "the real time save is the agent pulling the right info from 5 different sources before a human writes anything" - that's exactly it. The enrichment layer upstream of the CRM is where agents can do the most good with the least risk, because it's read-only.
Giving an agent write access to your CRM + email + browser is a big trust leap. But having a script that ingests a list of company names and returns homepage, emails, phone, LinkedIn, HQ, and key contacts as a CSV - then you paste that into your CRM manually - sidesteps the whole problem. No credentials, no writes, no blast radius if something goes wrong.
The robotic email problem goes away too, because the human is still the one reviewing context and deciding what to say. The agent's job is to make sure that context is comprehensive before the human touches it.
I get the value of a personal CRM and potential power of having one locally managed by LLMs and I'd love to see such a solution, because to your point, outreach is just a small part of what you can do with a personal CRM. But, the way you describe and deliver this project is very confusing to me, it's a CRM but also Cursor for your Mac (what does that even mean?), I already run Cursor on my Mac, it also has a file tree view to use it as a better MacOS find I guess?
I think that a much cleaner messaging on what this tool is for would help.
Also a question about the implementation, why DuckDB for a CRM?
Something like SQLite feels like a much natural fit for a CRM where you primarily create, update and maybe delete records and you really care for the integrity of the data model.
From a quick look on the data model, everything seems to be a VARCHAR, if this is the case, why not just store everything in the file system instead? You do that with the md files and whatever is getting extracted from the SaaS tools.
I'm definitely biased here, but the OpenClaw hype is making people disregard the economics of it all.
Building Auto-CRM.com, my primary concern was building a system that runs well while not costing 200$ per month to keep up, and of course, while also maintaining security. I assume the good guys at Folk, Pipedrive, etc also had similarly priorities.
A lot of good work is being done within the OpenClaw ecosystem regarding RAG and memory, but specialised orchestration process to be a more reliable system.
Watched the demo — the outreach pipeline is impressive technically, but you mentioned midway that the drafted emails came out "kind of robotic" and needed manual editing. If a human still reviews and rewrites each one, where does the actual time saving land — in the data gathering, or somewhere else?
This is the right question and honestly the answer for most agent tools right now is "data gathering and context assembly, not generation." The drafting part gets all the demos but the real time save is the agent pulling the right info from 5 different sources before a human writes anything. Generation quality will catch up but the integration plumbing is where the value already exists today.
Lots of security vulnerabilities, but it was vibe coded. As much as I am an Anthropic Fanboy- I hope OpenAI can add some level of security to OpenClaw and they can get some good contributions. Although, these issues may be deep to its core.
Cold calling is not 'spam' because it is essentially done by a human. This is no different than an email spam network. So now this will just become email / linkedin spam done by corporations? I guess we turn up the filters now?
I agree that it is spam of a sort, but I don't think that's how it's generally portrayed. If biz dev and sales are just spammers (because of LLM automation) then we should reclassify them and shun those types of posts.
[astronaut with gun meme]
Neal Stephenson depicts this outcome in his novels as "The Miasma" and introduces a zero knowledge biometric based cryptography scheme used by everyone to validate content, and everyone has to have advanced AI filters in order to pluck out tiny tidbits of signal from among the noise.
We're going to need local AI to sift through the trash. Platforms have been more or less useless at curating content, and it's only smaller sites like HN that have retained a high SNR at this point. It doesn't even matter what media, at this point, video has passed the 2-3 second sniff test. We're seeing boomers get completely sniped by AI videos, even with watermark, showing absurd spin on current events. Text, music, podcasts, video, cartoons, whatever, it's all been infested, and the quality keeps increasing. I've seen a couple 2+ minute seedance productions that have been actually enjoyable, but by June that sort of thing will be one-shot prompting instead of someone gluing together the outputs from 4 difference SoTA AI tools.
It's getting weird, and we're not ready for it, at all.
I get why it looks that way from the CRM angle, but outreach is maybe 5% of what I actually use DenchClaw for day to day.
Yesterday I asked it to pull up all my meeting notes from last week, cross-reference them with my task list, and draft follow-ups. Before that I had it reorganize a messy folder of research PDFs into a structured workspace. I use it to build slides, write code (DenchClaw literally built DenchClaw), manage my calendar, search through old Notion pages I forgot existed.
The CRM part gets attention because that's what people asked for when we talked to power users. But the actual product is just "OpenClaw with a good UI, a file system, and DuckDB, running locally on your Mac." It does whatever you'd normally do on your computer. The browser is yours, the files are yours, the data never leaves your machine.
Think of it less as a sales tool and more as what happens when your entire Mac becomes programmable through natural language. The CRM is one app that runs on top of that. People are already using it for project management, research, personal knowledge bases, all kinds of stuff we didn't plan for.
This is an OpenClaw framework, so it installs / relies on your existing OpenClaw codebase. I think there has been a ton of requests on Claude Code support, someone has been working on a PR for exactly this, I'll update you here if it ships.
Looking at that star graph: Since OpenClaw became a thing, I can't help but conclude that Github interest/popularity metrics have become useless signals.
Especially considering this project is 2 days old and has 580 stars. 500 seems like it would be a nice round number if one were to purchase bot engagement. Not confident enough to make that claim directly, but something about this project doesn't sit right in general.
Can you link to it? I'm not able to find it on his account. Unless you mean his retweet of your tweet? If so, that retweet has just under 10k views and the tweet is in celebration of hitting 500 stars on Github.
Nice, this seems interesting. I don't use Obsidian (I use Logseq) but this has given me a couple of ideas for a CRM I am building (it's currently in a Personal Relationship manager phase which I've found useful for about a year or two).
Love this setup! I also use Obsidian, but after DenchClaw I usually just open my Obsidian directory into DenchClaw so I can do anything with it. It has all the needed primitives for me like the markdown editor, graphs, etc.
OpenClaw opens a wide attack surface on your digital life that cannot be remediated so long as hallucinations and prompt injection remain unsolved problems. Anything built on top of it is equally insecure and probably even more insecure.
I really don't want to yuck anybody's yums or step on dev work that I had nothing to do with, because I've been there and I know it sucks, but OpenClaw is barely secure enough to even play with in a sandbox. Giving it private information about your real business and real business contacts feels like an absolutely insane thing to do.
At best OpenClaw is like a toy... if the toy was a gun and it shot real bullets. This feels like playing Russian roulette with your livelihood.
I cannot fucking believe people are letting it remote start their cars and control their garage door. Nevermind ovens. All things people have done and posted about.
As someone that has worked in the automotive space, an enormous amount of regulation and effort is spent making sure you cannot do something like forgetfully remote start the car with your garage door closed and gas yourself. Nevermind securing it so that others cannot do this to you.
And these people are plugging it into ... this, which will happily go "oh, the car turned off after 15 minutes, let me turn it back on!"
There are realistic odds that someone is rotting in their house while their lobster pays the bills and writes blog posts for them.
This rings so true. Software Engineering should have stricter bar similar to med professionals. If we have leaked such lousy products and the public crowd thinks this is usable, it's a failure of the industry as a whole.
I like the idea of OpenClaw a lot, it's a technology that I would want in my life. But in it's current form it's kinda chilling and I cannot see it become safe to use anytime soon.
It seems to me many infosec best practices that have been built over decades have been forgot in the last few months like nothing happened. People really do give this kind of software full system access, plus access to their emails, their private chats, most likely their passwords too and who knows what else via plugins. I couldn't really imagine this happening one year ago.
I'm 100% confident that any state actor and cybercrime groups are currently heavily focusing their research on these tools. You compromise the right person and you can access all kind of critical information, it would basically be the same as having some remote control software on their system with full permissions.
And everyone on the hype train seems to be absolutely unaware of this. Maybe I'm missing something, but all of this feels so odd to me.
I think a lot of them are aware of it, but also grifters, and hoping to profit off of it before the bomb goes off so that they can claim ignorance and escape blame. New and powerful thing that people don't fully understand becomes fertile ground for grifters to sew their sins. Like when Marie Curie discovered radium and everyone and their mother started forcing it into products, including toothpaste and "medicine", within like 5-10 years.
> so long as hallucinations and prompt injection remain unsolved problems
Aren't hallucinations mathematically impossible to be _solved_? Cannot believe how so many people just willy nilly give everything they have to a lying parrot.
Seems interesting, but I see it's a fork of Openclaw that's many commits behind. Do you think you'll be able to keep DenchClaw updated with Openclaw?
I think a better solution would be to bring in one of the many Openclaw alternatives like NullClaw, ZeroClaw, etc. The magic of Openclaw is the heartbeat and cron modules so bringing in that piece should not be too difficult? I'll fork and hack away at it as well but the less dependent you are on other projects, the longer the longevity.
We started a direct OpenClaw fork, but we didn't want to always push upstream updates manually. So now we are completely detached from it. The GitHub says its a fork because it was originally forked, but now we have completely separated ourselves from it.
Now instead of bundling and patching from inside it, we just ship alongside OpenClaw so you can use the latest OpenClaw CLI separately yourself.
Ha, I get why it looks that way from the CRM angle, but outreach is maybe 5% of what I actually use DenchClaw for day to day.
Yesterday I asked it to pull up all my meeting notes from last week, cross-reference them with my task list, and draft follow-ups. Before that I had it reorganize a messy folder of research PDFs into a structured workspace. I use it to build slides, write code (DenchClaw literally built DenchClaw), manage my calendar, search through old Notion pages I forgot existed.
The CRM part gets attention because that's what people asked for when we talked to power users. But the actual product is just "OpenClaw with a good UI, a file system, and DuckDB, running locally on your Mac." It does whatever you'd normally do on your computer. The browser is yours, the files are yours, the data never leaves your machine.
Think of it less as a sales tool and more as what happens when your entire Mac becomes programmable through natural language. The CRM is one app that runs on top of that. People are already using it for project management, research, personal knowledge bases, all kinds of stuff we didn't plan for.
Wow, sorry, but given how incredibly insecure all the "claw" agent type things are right now, does this really sound wise at all?
It sees everything you do, really? What's it gonna do with that data? You don't know.
Put all your customer data in there, all your customer relationships. It's fine, it couldn't leak all that information, it couldn't screw up any sensitive business details I'm sure. This is gonna go great.
Sorry AFK everybody I'm gonna go get myself a VibeMBA.
Anyway, good luck, I'm really looking forward to the user stories in a few weeks! I'm sure this won't go badly at all.
> DenchClaw finds your Chrome Profile and copies it fully into its own, so you won’t have to log in into all your websites again. DenchClaw sees what you see, does what you do. It’s an everything app, that sits locally on your mac.
Wow that sounds great. Hey don't worry these things never blackmail anyone. Let it know if you're gonna turn it off, I bet it'll make some REAL interesting choices based on your browsing history
I'm always confused by this kind of comment about AI accessing people's chrome history because it seems to imply that the kind of person who uses this tool is both too stupid to know what private browsing is and also is into absolutely heinous stuff.
I feel like the average person is going to be like "oh no it'd be terrible if everyone found out I really like the 'big boobs' category on pornhub"
Privacy and security and whatever this could trample all over are not the same thing.
You may be legally entirely above board (though Cardinal Richelieu wouldn't let that get in the way) but you still might not want your S&M kink to be known or to be outed to conservative friends and family or have your bank account details spread around or have a $$$$$ bill run up in your AWS or LLM logins...
Oh, you have nothing to hide? Kindly paste all your payment and login credentials that your browser stores. Later we'll need to see all your DMs on Facebook, LinkedIn, Slack, Discord, etc.
Finally we'll want to know about disputes you've had with intimate partners, employers and other service providers, especially powerful ones like healthcare, insurance and financial organisations.
We should also have full published salary and benefits (etc) details right now, whatever their contract says about disclosing those, and 24x7 streamed video of their entire life with no censoring, including toilet breaks and sex and bars and parties.
And, along with all the credentials as you suggest, including private parts of PGP keys etc, accurate impressions/clones of any and all physical security/privacy devices they use such as keys to house and car and safe and gun safe and relatives' crypt, etc, etc...
> It has a CRM focus because we asked a couple dozen hard-core OpenClaw users "what do you actually do", and it was sales automation, lead enrichment, biz dev, creating slides, linkedin outreach, email/notion/calendar stuff, and it's always painful to set up.
So basic automation and forcing the web to be "open"...
No one is talking about how AI is going to destroy business models that are dependent on dark patterns, on walled gardens, on poorly designed one size fits all implementations (so many things wedged sideways into sales force).
Yea, it has been a little shocking to me that the rising narratives around "AI agents everywhere" and "enable the web for AI agents" requires what we've all been wanting for awhile on the web (openness and interoperability) but that the same big players in tech have been clearly against for a long time. Like the fact that Google recently released that Google Workspace CLI (https://github.com/googleworkspace/cli) is a perfect example.
They could've released something like that years ago (the discovery service it's built on has existed for over a decade) but creating a simple, accessible, unified CLI for general integration apparently wasn't worth it until agents became the hot thing.
I wonder when / if there will be a rug pull on all of this. Because I really don't see what the long-term incentives are for incumbent tech platforms to make it easy for automated systems to essentially pull users away from the actual platform. I guess they're focused on the short term incentives. And once they decide the party's over, promising upstarts and competition can get absorbed and it'll be business as usual. Idk, we'll see.
the crm isnt the hard part, the hard part is that most sales teams have a workflow problem disguised as a tooling problem. local first is smart but id focus on opinionated defaults for pipeline stages because thats where 90% of founders building their own crm get stuck, they model their process wrong then blame the software.
Depends on what you're using it for I suppose. A common tactic with Openclaw itself is to have a cheap or local model as the default, with rules to "escalate" to other models based on task complexity/type. But if every cron job comes with complete access to your personal machine and browser profile... Yeah, better go for the most predictable model you can find.
Are people using bottomless VC money to fund the API calls for these *Claw things?
I first tried OpenClaw with a local model, it gave poor performance. Then I tried it with Claude - great but it blew through hundreds of dollars in tokens in about an hour.
I find it amusing that one of the main things to do with OpenClaw and other similar tools is create a Web Interface on top of it so that users can click on buttons when the entire promise of the technology is that you don't have to do any of that because it transcends standard UI.
I mean, ultimately why would you even need a CRM if not to sell something? And if you are going to sell something ultimately you want to get that done without any additional layers of abstraction. So the interface is the definition of the goal and the output is measured in results.
"Hey claw, I want to sell my product. Go figure it out!"
In response maybe we should design TCPAclaw. It is specialized in honeypotting all of the random cold call spam, tracks down the source of unsolicited contacts; including registration state, legal contacts, and registered agent(s). It then drafts and sends a TCPA letter and waits for one of two things to happen: Either a $500-$1500 check arriving in your mailbox, or the demand deadline elapses. In case of demand deadline elapse, TCPAclaw files a small claims suit in the appropriate court of jurisdiction.
That's... not a bad idea. The downside is the bot would be doing a lot of these and false-positives would be... embarrassing (like a real investor outreach).
> It has a CRM focus because we asked a couple dozen hard-core OpenClaw users "what do you actually do", and it was sales automation, lead enrichment, biz dev, creating slides, linkedin outreach, email/notion/calendar stuff, and it's always painful to set up.
Fuck me, it's going to get worse before it gets better, isn't it?
I've taken that bit out of the text above - I originally advised Kumar to put it in there (it's actually from the opening of the demo video), but in hindsight, I should have known it would backfire with the HN audience.
The way imports work in DenchClaw is a bit unconventional, when you tell it to "import my HubSpot", the agent literally opens your browser (using the copied Chrome profile), navigates to HubSpot, triggers the export, and then ingests the downloaded files into the workspace DuckDB. So the bottleneck isn't really a fat in-memory ETL... it's more like processing a CSV/JSON export file on disk.
For the DuckDB side specifically: we shell out to the duckdb CLI binary for every query rather than embedding it in the Node process. So each operation gets its own memory space and dies when it's done. the web server at localhost:3100 stays lean regardless of what you're ingesting. DuckDB's out-of-core execution also means it can handle datasets larger than available RAM natively, which is one of the reasons we picked it over SQLite.
For really large exports (think full HubSpot instance with 100k+ contacts), the practical limit is more about the browser export step than DuckDB. HubSpot itself chunks its exports, and we process those chunks as they land. The DuckDB insert is the fast part.
Honestly for CRM-scale data, even a large sales org's full HubSpot, DuckDB eats it for breakfast. Where it would get interesting is if someone tries to throw analytics-scale data at it, but that's not really the use case. Would love to hear how IndexedDB holds up for you at scale in AccIQ, different trade-offs for sure.
> The way imports work in DenchClaw is a bit unconventional, when you tell it to "import my HubSpot", the agent literally opens your browser (using the copied Chrome profile), navigates to HubSpot, triggers the export, and then ingests the downloaded files into the workspace DuckDB.
What’s stopping the agent from doing literally any other thing in HubSpot? You know, small stuff like editing/deleting records, sensing emails, launching marketing campaigns, deleting reports, etc.
Our HubSpot import seed skills have strong always on prompts for asking user before doing any action, and it knowing where to click. For actions faster than browser, the skill also knows how to use hubspot cli.
Ideally for these pursposes, I would ALWAYS use Claude Opus 4.6 for this stuff, personally I have never seen it do unintended things to that extent.
Also, when the browser opens you can supervise it doing the thing, since you can see what its doing, you can always stop it if it ever goes wrong.
The "early React" analogy resonates. I've been seeing the same pattern with MCP (Model Context Protocol) — the primitive is powerful (AI assistants calling tools via a standard protocol), but most implementations are still gluing things together ad-hoc. There's a gap between "I can build an MCP server" and "this is a polished, opinionated product."
The DuckDB choice is smart for local-first. I use ClickHouse for production analytics and the difference in operational complexity is night and day — DuckDB just works for single-node use cases without any infrastructure overhead.
Curious about the Chrome profile cloning approach. That's clever for importing auth state, but does it create any issues with cookie/session conflicts if both profiles try to access the same service simultaneously?
Prompt injection as a service.
And the design principals are already pretty well established (accounts, contacts, leads, opportunities, custom object model, stages, etc.). It just needs to be turned into a database boilerplate with a bunch of agent tools. Excited to try this out.
Responding to some HN comments, I understand the focus on Sales Automation and Outreach can be worrysome.
But for me personally, this is where I do all knowledge work. For me it acts like Cursor, Happenstance, News Aggregator, Fun games creator like Pacman (it has an App Store), I can import Notion into editable MD files, create reports and presentations, etc.
One commenter said "the real time save is the agent pulling the right info from 5 different sources before a human writes anything" - that's exactly it. The enrichment layer upstream of the CRM is where agents can do the most good with the least risk, because it's read-only.
Giving an agent write access to your CRM + email + browser is a big trust leap. But having a script that ingests a list of company names and returns homepage, emails, phone, LinkedIn, HQ, and key contacts as a CSV - then you paste that into your CRM manually - sidesteps the whole problem. No credentials, no writes, no blast radius if something goes wrong.
The robotic email problem goes away too, because the human is still the one reviewing context and deciding what to say. The agent's job is to make sure that context is comprehensive before the human touches it.
I think that a much cleaner messaging on what this tool is for would help.
Also a question about the implementation, why DuckDB for a CRM?
Something like SQLite feels like a much natural fit for a CRM where you primarily create, update and maybe delete records and you really care for the integrity of the data model.
From a quick look on the data model, everything seems to be a VARCHAR, if this is the case, why not just store everything in the file system instead? You do that with the md files and whatever is getting extracted from the SaaS tools.
Telling DenchClaw to "make it less robotic" on 300+ personalised drafts is still better than me actually making it less robotic myself imo
We're going to need local AI to sift through the trash. Platforms have been more or less useless at curating content, and it's only smaller sites like HN that have retained a high SNR at this point. It doesn't even matter what media, at this point, video has passed the 2-3 second sniff test. We're seeing boomers get completely sniped by AI videos, even with watermark, showing absurd spin on current events. Text, music, podcasts, video, cartoons, whatever, it's all been infested, and the quality keeps increasing. I've seen a couple 2+ minute seedance productions that have been actually enjoyable, but by June that sort of thing will be one-shot prompting instead of someone gluing together the outputs from 4 difference SoTA AI tools.
It's getting weird, and we're not ready for it, at all.
Yesterday I asked it to pull up all my meeting notes from last week, cross-reference them with my task list, and draft follow-ups. Before that I had it reorganize a messy folder of research PDFs into a structured workspace. I use it to build slides, write code (DenchClaw literally built DenchClaw), manage my calendar, search through old Notion pages I forgot existed.
The CRM part gets attention because that's what people asked for when we talked to power users. But the actual product is just "OpenClaw with a good UI, a file system, and DuckDB, running locally on your Mac." It does whatever you'd normally do on your computer. The browser is yours, the files are yours, the data never leaves your machine.
Think of it less as a sales tool and more as what happens when your entire Mac becomes programmable through natural language. The CRM is one app that runs on top of that. People are already using it for project management, research, personal knowledge bases, all kinds of stuff we didn't plan for.
will you be enforcing the same for the users of your product?
if not, i am not sure how this statement addresses the above concerns.
[1]: https://xcancel.com/kumareth/status/2023534527113818625
[1] https://www.ssp.sh/brain/managing-my-business-with-obsidian/
Thanks for sharing.
I really don't want to yuck anybody's yums or step on dev work that I had nothing to do with, because I've been there and I know it sucks, but OpenClaw is barely secure enough to even play with in a sandbox. Giving it private information about your real business and real business contacts feels like an absolutely insane thing to do.
At best OpenClaw is like a toy... if the toy was a gun and it shot real bullets. This feels like playing Russian roulette with your livelihood.
As someone that has worked in the automotive space, an enormous amount of regulation and effort is spent making sure you cannot do something like forgetfully remote start the car with your garage door closed and gas yourself. Nevermind securing it so that others cannot do this to you.
And these people are plugging it into ... this, which will happily go "oh, the car turned off after 15 minutes, let me turn it back on!"
There are realistic odds that someone is rotting in their house while their lobster pays the bills and writes blog posts for them.
This is a month-old project by someone how has been suckling at the YC teat of release as early as possible; #YOLO. There's no "engineering" here.
It seems to me many infosec best practices that have been built over decades have been forgot in the last few months like nothing happened. People really do give this kind of software full system access, plus access to their emails, their private chats, most likely their passwords too and who knows what else via plugins. I couldn't really imagine this happening one year ago.
I'm 100% confident that any state actor and cybercrime groups are currently heavily focusing their research on these tools. You compromise the right person and you can access all kind of critical information, it would basically be the same as having some remote control software on their system with full permissions.
And everyone on the hype train seems to be absolutely unaware of this. Maybe I'm missing something, but all of this feels so odd to me.
Aren't hallucinations mathematically impossible to be _solved_? Cannot believe how so many people just willy nilly give everything they have to a lying parrot.
I think a better solution would be to bring in one of the many Openclaw alternatives like NullClaw, ZeroClaw, etc. The magic of Openclaw is the heartbeat and cron modules so bringing in that piece should not be too difficult? I'll fork and hack away at it as well but the less dependent you are on other projects, the longer the longevity.
Now instead of bundling and patching from inside it, we just ship alongside OpenClaw so you can use the latest OpenClaw CLI separately yourself.
Yesterday I asked it to pull up all my meeting notes from last week, cross-reference them with my task list, and draft follow-ups. Before that I had it reorganize a messy folder of research PDFs into a structured workspace. I use it to build slides, write code (DenchClaw literally built DenchClaw), manage my calendar, search through old Notion pages I forgot existed.
The CRM part gets attention because that's what people asked for when we talked to power users. But the actual product is just "OpenClaw with a good UI, a file system, and DuckDB, running locally on your Mac." It does whatever you'd normally do on your computer. The browser is yours, the files are yours, the data never leaves your machine.
Think of it less as a sales tool and more as what happens when your entire Mac becomes programmable through natural language. The CRM is one app that runs on top of that. People are already using it for project management, research, personal knowledge bases, all kinds of stuff we didn't plan for.
It sees everything you do, really? What's it gonna do with that data? You don't know.
Put all your customer data in there, all your customer relationships. It's fine, it couldn't leak all that information, it couldn't screw up any sensitive business details I'm sure. This is gonna go great.
Sorry AFK everybody I'm gonna go get myself a VibeMBA.
Anyway, good luck, I'm really looking forward to the user stories in a few weeks! I'm sure this won't go badly at all.
Wow that sounds great. Hey don't worry these things never blackmail anyone. Let it know if you're gonna turn it off, I bet it'll make some REAL interesting choices based on your browsing history
I feel like the average person is going to be like "oh no it'd be terrible if everyone found out I really like the 'big boobs' category on pornhub"
You may be legally entirely above board (though Cardinal Richelieu wouldn't let that get in the way) but you still might not want your S&M kink to be known or to be outed to conservative friends and family or have your bank account details spread around or have a $$$$$ bill run up in your AWS or LLM logins...
Finally we'll want to know about disputes you've had with intimate partners, employers and other service providers, especially powerful ones like healthcare, insurance and financial organisations.
And, along with all the credentials as you suggest, including private parts of PGP keys etc, accurate impressions/clones of any and all physical security/privacy devices they use such as keys to house and car and safe and gun safe and relatives' crypt, etc, etc...
So basic automation and forcing the web to be "open"...
No one is talking about how AI is going to destroy business models that are dependent on dark patterns, on walled gardens, on poorly designed one size fits all implementations (so many things wedged sideways into sales force).
They could've released something like that years ago (the discovery service it's built on has existed for over a decade) but creating a simple, accessible, unified CLI for general integration apparently wasn't worth it until agents became the hot thing.
I wonder when / if there will be a rug pull on all of this. Because I really don't see what the long-term incentives are for incumbent tech platforms to make it easy for automated systems to essentially pull users away from the actual platform. I guess they're focused on the short term incentives. And once they decide the party's over, promising upstarts and competition can get absorbed and it'll be business as usual. Idk, we'll see.
Is this a bot lol, use words not buzzwords
I first tried OpenClaw with a local model, it gave poor performance. Then I tried it with Claude - great but it blew through hundreds of dollars in tokens in about an hour.
Or is everybody a billionaire now?
I mean, ultimately why would you even need a CRM if not to sell something? And if you are going to sell something ultimately you want to get that done without any additional layers of abstraction. So the interface is the definition of the goal and the output is measured in results.
"Hey claw, I want to sell my product. Go figure it out!"
You don't need a UI for that.
Take OPs example…
> I am addicted now that I can ask it, “hey in the companies table only show me the ones who have more than 5 employees”
Now how could that command language look like, maybe something like…
PICK * of COMPANIES if EMPLOYEE_COUNT >10;
We could call this DCCL: Dench Claw Command Language!
Fight fire with fire.
Sigh.
Fuck me, it's going to get worse before it gets better, isn't it?
For the DuckDB side specifically: we shell out to the duckdb CLI binary for every query rather than embedding it in the Node process. So each operation gets its own memory space and dies when it's done. the web server at localhost:3100 stays lean regardless of what you're ingesting. DuckDB's out-of-core execution also means it can handle datasets larger than available RAM natively, which is one of the reasons we picked it over SQLite.
For really large exports (think full HubSpot instance with 100k+ contacts), the practical limit is more about the browser export step than DuckDB. HubSpot itself chunks its exports, and we process those chunks as they land. The DuckDB insert is the fast part.
Honestly for CRM-scale data, even a large sales org's full HubSpot, DuckDB eats it for breakfast. Where it would get interesting is if someone tries to throw analytics-scale data at it, but that's not really the use case. Would love to hear how IndexedDB holds up for you at scale in AccIQ, different trade-offs for sure.
What’s stopping the agent from doing literally any other thing in HubSpot? You know, small stuff like editing/deleting records, sensing emails, launching marketing campaigns, deleting reports, etc.
Ideally for these pursposes, I would ALWAYS use Claude Opus 4.6 for this stuff, personally I have never seen it do unintended things to that extent.
Also, when the browser opens you can supervise it doing the thing, since you can see what its doing, you can always stop it if it ever goes wrong.
Broad term for tools used to manage interactions with existing customers and/or sales prospects.
The DuckDB choice is smart for local-first. I use ClickHouse for production analytics and the difference in operational complexity is night and day — DuckDB just works for single-node use cases without any infrastructure overhead.
Curious about the Chrome profile cloning approach. That's clever for importing auth state, but does it create any issues with cookie/session conflicts if both profiles try to access the same service simultaneously?