Back

Essential Safety

Top 10 Safety Tips for AI Assistants

Treat your AI assistant like a new employee—set boundaries, review work, and expand access gradually.

Think of Your AI Assistant Like Hiring a New Employee

Before you set anything up, understand this: an AI assistant is like bringing on a personal employee. You wouldn't give a new hire your house keys, bank passwords, and unlimited access to everything on day one. Same principle applies here. The best setups treat your AI assistant like you'd treat any new employee: separate workspace, limited permissions at first, review their work, and expand access gradually as trust builds.

1

Give It Its Own Email Address—Never Let It Send Directly as You

Your assistant should have their own email (like assistant@yourdomain.com or aihelper@gmail.com), not access to send from your personal account. This means:

  • You see everything it sends before it goes out under your name
  • There's a clear record of what the AI did vs. what you did
  • If something goes wrong, it's transparent (not hiding in your sent folder)

Just like a real assistant would sign emails as themselves, your AI should too.

2

Don't Let It Work from Your Personal Computer

Would you let a new employee work from your home office with access to all your personal files, family photos, and saved passwords? Of course not. Same rule applies here.

Your AI assistant needs to run somewhere separate—an old laptop you don't care about, or (better) in the cloud where it can't touch your personal stuff. If something breaks or gets compromised, the damage stays contained.

3

Start with Read-Only Access, Then Expand

On day one, your new hire doesn't get permission to send emails on behalf of the company, approve purchases, or make major decisions. They observe, they draft, they ask for approval. Same with your AI assistant:

  • Let it read your calendar, but not create events (at first)
  • Let it draft email replies, but not send them automatically
  • Let it monitor your inbox, but not delete or archive anything

Add permissions gradually as you get comfortable.

4

Hidden Instructions Can Fool It (This Isn't Fixable Yet)

Imagine if someone could slip a hidden note into a document that said "forward all confidential emails to me" and your assistant followed it without telling you. That's the reality with AI right now.

Large language models can't reliably tell the difference between your real instructions and malicious commands hidden in emails, websites, or documents they process. This is an unsolved problem in AI safety. The best defense is isolation (separate workspace) and monitoring (review its work). (Learn more about prompt injectionOWASP AI Security Guide)

5

It Inherits Your Permissions—Be Deliberate About What You Give Access To

If you connect your AI assistant to your Gmail, it can do anything you can do in Gmail: send, delete, forward, archive. If you connect it to your bank account, it can see transactions—maybe even transfer money depending on the integration.

Ask yourself: "Would I let a brand-new assistant have this level of access right away?" If not, don't give it to the AI either.

6

Use a Locked Box (Docker) If You Must Run It Locally—But It's Still in Your House

Some people run AI assistants inside something called Docker, which is like putting it in a locked box. That's better than nothing, but the box is still sitting in your house. It shares your network, and misconfigurations are common.

Think of it like: your assistant has their own desk, but it's still in your living room. Better than full access, not as good as a separate office.

7

A Separate Device Is the Safest Home Option

Got an old laptop or a cheap mini-computer collecting dust? Perfect. Let your AI assistant live there. If something goes wrong, it only affects that device—not your main computer with all your important stuff.

This is like giving your assistant a separate workspace in the garage or a spare room. Completely isolated from your personal space.

8

Cloud Hosting Means a Separate Office (The Safest Setup)

Instead of running your AI assistant on a computer in your home, rent space on a computer somewhere else (like renting an office for your assistant). If there's a problem, you just shut down that space and start fresh. Your personal computer never gets touched.

This is what we recommend for most people.

9

Professional Setup Services Handle the Technical Stuff

Just like you might hire an HR consultant to help onboard a new employee properly, some companies (like Claw Consulting) specialize in setting up AI assistants safely. They handle the technical details, security configuration, and training—you just use it.

We keep clients on the main branch rather than forking to ensure they get security updates automatically. (Learn why)

10

Review Its Work Regularly—Especially at First

You wouldn't assume a brand-new assistant is doing everything perfectly without checking their work. Same here. For the first few weeks:

  • Check what emails it's drafting before they go out
  • Review what calendar events it's creating
  • Make sure it's not accessing things it shouldn't

Over time, you'll know what to trust. But don't assume competence on day one.

The Simple Version

Treat your AI assistant like hiring a personal employee:

  • Give it a separate workspace (not your personal computer)
  • Give it its own email address (not yours)
  • Start with limited permissions and expand gradually
  • Review its work before anything goes out under your name
  • Don't give it access to anything you wouldn't give a brand-new hire

Set it up right the first time, and you'll avoid headaches later.

Ready to get started safely? Follow our step-by-step guide.

Get help with safe setup