What annoys me most about OpenClaw after trying it for a few weeks is that it cosplays security so incredibly hard, it actually regularly breaks my (very basic) setup via introducing yet another vibe coded, poorly conceptualized authentication/authorization/permission layer, and at the same time does absolutely nothing to convince me that any of this is actually protecting me of anything.

Maybe this idea is lost on 10^x vibecoders, but complexity almost always comes at a cost to security, so just throwing more "security mechanisms" onto a hot vibe-coded mess do not somehow magically make the project secure.