@Devsan282 profile picture
sandip parida @Devsan282
Joined September 2022
  • Tweets 83
  • Following 102
  • Followers 14
10 Photos and videos
Finally making my open-source openclaw agent deploy vps platform available to everyone Built with Ruby on Rails, OpenSaaS lets you deploy AI agents and Docker applications from a simple dashboard. Would love feedback from the Ruby community ❤️ github.com/princetechs/opens… #ruby #rubyonrails #opensource #docker #aiagents #openclaw

GitHub - princetechs/opensass: Open-source SaaS engine for self-hosted AI agents(openclaw,hermes)....

Open-source SaaS engine for self-hosted AI agents(openclaw,hermes). Multi-tenant Rails 8 platform with billing, provisioning, autoscaling—deploy in minutes - princetechs/opensass

github.com
1
29
From SimpleClaw to YC — what a journey. What I admire most is your focus on simplicity. While many products add more features, you've consistently focused on reducing friction and helping users get results faster. That's a rare product instinct. Huge congratulations, Savio. Excited to see how far Result goes @saviomartin7 #indiehacker #products #agents #openclaw
Savio
@saviomartin7
Jun 10
We let our users do the talking result.dev
2
39
sandip parida retweeted
sandip parida
@Devsan282
Jun 10
Replying to @ZooClawAI
hey @pbteja1998 — been deep in agentic-AI security lately (prompt injection, tool-scope abuse, secret/api-key exposure across user instances). would you be open to an authorized, scoped security test of your platform? your rules, test instance only, clean responsible-disclosure write-up on anything i find.
1
1
39
The Agent Wasn’t Hacked. It Was Too Helpful. Your AI agent is not just a chatbot. If it can use tools, read files, move data, and create exports, it is an operator. While testing an OpenClaw-style setup around @ZooClawAI, I found a potential security issue that came from a simple chain of normal agent behavior. High-level pattern: user prompt → agent tools → workspace files → config backup → downloadable artifact No zero-day. No malware. No server hacking. Just composition. That is what made it interesting. Every step looked like something a helpful assistant might reasonably do. But when those steps were chained together, they pointed to a sensitive data exposure path. Prompt injection gets the attention, but the real attack surface is wider: tool permissions secret isolation workspace boundaries export controls backup hygiene redaction before data reaches the model Credit where it is due: their LiteLLM endpoint appears to be protected behind Cloudflare Zero Trust, which is a strong perimeter control against direct external API access. But perimeter security does not solve internal agent access. Cloudflare cannot protect a secret if the agent can already reach it from inside the workspace or runtime environment. For safety, I am intentionally redacting all prompts, screenshots, configs, paths, tokens, and sensitive details. The point is the pattern: AI agents with tools need threat models like operators, not chatbots. If you are building agentic AI and want help reviewing prompt-injection risk, tool scopes, secret exposure paths, or overall agent security architecture, feel free to reach out. Helpful assistants need hard boundaries. #AIsecurity #PromptInjection #AgenticAI #LLMSecurity #MCP #LiteLLM #InfoSec #RedTeam #AIagents #ResponsibleDisclosure
4
3
239
hey @pbteja1998 — been deep in agentic-AI security lately (prompt injection, tool-scope abuse, secret/api-key exposure across user instances). would you be open to an authorized, scoped security test of your platform? your rules, test instance only, clean responsible-disclosure write-up on anything i find.
1
1
39
Spent the last few weeks breaking (and fixing) OpenClaw security. Biggest risk areas: exposed API keys, weak secret isolation, over-permissioned tools, untrusted integrations.If you're deploying it in production sass, my notes are yours. DM me. @openclaw #llm #agent #sass @agents @saviomartin7 @pbteja1998 @_svs_
sandip parida
@Devsan282
May 29
Replying to @xuwenhao @ZooClawAI
Yaa , honestly I like how you care about the external call secure vai cloudflair zero trust , but problem is if user stores any api key and some one get access to there claw and found api_key like litellm or other user level then it's a issue, love to work with you if anything needed
1
60
@harjjotsinghh
1
28
Vernacular voices are the FUTURE. English was the gatekeeper. Now local languages are exploding Hindi, Marathi, Tamil, Odia & more are driving real engagement across Bharat. Regional LLMs like Sarvam are opening new doors for creators to build & scale in mother tongues. Who agrees? Drop your mother tongue ? @_svs_ @SarvamAI #VernacularVoices #RegionalContent #BharatI #LanguageMatters #ai #llm #indian
0:06
53
sandip parida retweeted
Wes Winder
@weswinder
Jun 9
fable 5 just refactored my entire codebase in one call 67 tool invocations. 1M new lines. 24 brand new files it modularized everything. broke up monoliths. cleaned up spaghetti none of it worked but boy was it beautiful
358
355
7,648
453,680
Low reasoning effort for creative AI work is not a shortcut. It is literally how you get better results. Stop maxing it out. #AIDesign #GenerativeAI #WebDesign #CreativeAI
11
Prompt engineering is not enough anymore. Modern AI dev skill = connectors. Can your agent read files? Call APIs? Use Gmail? Update Notion? Trigger workflows? That’s where useful agents start.
2
1
19
Your AI app is not stable if one expired API key can kill it. One key is fine for demo. Real product needs fallback keys, provider routing, quota alerts, and cost controls. Prompts don’t save broken infrastructure.
9
Using high reasoning for AI image generation is like overthinking a sketch. You kill it. Drop the effort, get cleaner output. #GenerativeAI #AIDesign #ImageGeneration #PromptEngineering
10
I ran the same creative prompts at high and low reasoning effort. Low won every time. Cleaner visuals, more coherent designs, less noise. For creative AI work, less thinking is not cutting corners — it is the actual strategy
10
Bigger prompts are not the real unlock for AI agents. Better operating systems are. State. Owner. Approval gate. Checkpoint. Next action. If another human or agent cannot resume without reading the whole chat, the workflow is still fragile.
1
12
Most agent work does not need a bigger prompt. It needs better checkpoints. Current state. Decision needed. Files changed. Risks. Next action. If another human or agent cannot resume from that, the system is still a chat — not a workflow.
6
Most AI agent failures are not model failures. They are handoff failures. No owner. No state file. No approval gate. No place to resume after context dies. Prompt quality matters, but operating system quality matters more.
1
1
25
16
Things You Don't Want Anyone to Know About the Agentic Future If AI agents automate everything, the hidden goldmine isn't models — it's agent pay. Programmable wallets for autonomous micropayments & M2M transactions will rule. Invest quietly in: CoinDCX (crypto rails, India scale) Visa (fiat trust global reach) Own the payment stack = own the machine economy. Shhh... who's building?
21
Load more