Nufar Gaspar
๐ค SpeakerAppearances Over Time
Podcast Appearances
Because we are already seeing that in many tools, whether it's Cloud Code, Desktop or Cursor Marketplace, they are making connections progressively easier to set out of the box.
And of course, with Open Cloud, there are many connections already enabled as well.
So one thing that I want to say about connections is I want to encourage you to start as much as possible with a read-only access.
Before you let your agents write back into systems, let the agents only read your calendar or only read your inbox, not let them send emails and add calendar and so on.
Right access should be added after you watch the agent behave for a few weeks and you have enough trust.
And it doesn't matter if it's OpenClaw or one of the commercial tools.
The reason why I'm saying that is that the risk scales with the capability.
So the more your agents can do in real systems, the more you need to think about permissions and security.
And this is real.
We're already seeing incidents on a daily basis.
It's not just data leaks in the traditional sense.
But rather, you can imagine an agent that has access to your company Slack and a very loose set of permissions.
Someone on your team starts chatting with it.
And now the agent is happily sharing your private notes, your opinions about colleagues, your draft feedback.
So it's not a hypothetical risk.
Incidents like that are already happening.
And the agents that are gossiping while being very funny, they also pose a very big risk for employee privacy.
So use the least privileged connections, talk to your IT team if you're connecting any work systems and don't be the one creating the cautionary tales for others in your company.
Specifically for your chief of staff, at the very minimum, give it a read access to the calendar and inbox.
And even better, you can give it a read and write access on personal task list.