I'm using openclaw for a personal development system running obsidian. It doesn't have access to anything else. Having an LLM trigger based on crons is very powerful and helps with focus and organizing.

The security risks of this setup are lower than most openclaw systems. The real risks are in the access you give it. It's less useful with limited access, but still has a purpose.

I know a guy using openclaw at a startup he works at and it's running their IT infrastructure with multiple agents chatting with each other, THAT is scary.