I Want a Personal Agent. I'm Not Running One Yet — Here's What Would Change That
TLDR;
In Part 1 I walked through the March 2026 failures: ClawJacked, the OpenClaw CVE flood, the Axios RAT, the Claude Code source map leak. This post is the constructive follow-up. I’m not anti-agent — I want a personal agent badly enough that I’ve been actively testing alternatives. But I’ve set a bar, and nothing I’ve tried clears it yet. Here’s what the bar looks like, what I’m testing (nanobot, nanoclaw, kubernetes-sigs/agent-sandbox), why prompt injection is the attack you can’t patch with a CVE, and the pre-flight checklist I’d want cleared before I point an agent at my real credentials.