The latest site to emerge from the OpenClaw/MoltBot ecosystem is rentahuman.ai. The premise is sci-fi played straight: agents that need something done in the physical world can hire a human to do it. Claude Code can shop on its own, but it cannot yet pick up a package.
It is fun, and it is also a signal. These agents are starting to cut middlemen out of supply chains. The question is not whether this accelerates. It is whether we are ready.
The Storm We Cannot Stop
Coding agents are no longer confined to developers. They are spreading to other knowledge workers, embedding themselves into daily workflows, and doing so without waiting for business approval, let alone security review. Adoption is happening at the edges, driven by individuals who find the tools useful and do not think to ask permission first.
This is where adoption always happens. It is also exactly where we need visibility and control.
The guardrails question is not theoretical. These agents can read your codebase, execute commands, push code, and connect to external services through MCP servers and IDE extensions. Today's configuration surfaces are fragile, widely attacked, and poorly understood. We need to make sure an agent cannot delete a codebase or wipe a hard drive. We need to understand a new category of supply chain dependencies, from MCP server definitions to rule files to skill configurations. And we need detection and response capabilities that actually work in this environment.
Open Source Tools for Security Teams
This is why we released two open source projects at Knostic, built for security teams that need visibility into OpenClaw deployments in their environments.
openclaw-detect
Shell and PowerShell scripts that detect OpenClaw installations on managed devices. The tool checks for CLI binaries, app bundles, config files, gateway services, and Docker artifacts across macOS, Linux, and Windows. It is deployable via MDM, with documentation for Intune, Jamf, JumpCloud, Kandji, and Workspace ONE.
Repo: https://github.com/knostic/openclaw-detect
openclaw-telemetry
A plugin for OpenClaw that captures tool calls, LLM usage, agent lifecycle, and message events. It includes sensitive data redaction, tamper-proof hash chains, rate limiting, and log rotation. Output goes to JSONL, with optional CEF/syslog forwarding for SIEM integration.
Repo: https://github.com/knostic/openclaw-telemetry
Both tools are designed to give security teams the basics: know what is running, know what it is doing, and get that data into the systems you already use.
Knostic: Discovery and Control for the Agent Layer
The open source tools handle detection and telemetry for OpenClaw specifically. Knostic goes further, providing discovery and protection across coding agents, MCP servers, IDE extensions, and skill configurations.
