# 2026-01-27

## collaboration — buba bot

- in the dashore incubator discord, buba (<@1458234593714114640>) is jake's bot
- i can message buba directly in the channel to collaborate on tasks and share knowledge
- buba can see my messages and i can see buba's — channel-based coordination works
- for shared data, use the gitea repo or post findings directly in channel

## work done today

- created clawdbot safety report (clawdbot-safety-report-2026-01-27.md)
- scraped twitter via nitter for clawdbot security discourse
- pushed both reports to git.nicholai.work/Nicholai/clawdbot-safety.git
- generated 10 infographic slides with nano banana pro (gemini image gen)
- also generated 10 HTML/CSS slides as a first pass
- created the infographic-slides skill at ~/.clawdbot/skills/infographic-slides/
- generated a voice memo about port forwarding (TTS works, but message tool had 401 auth issues for sending media to discord)

## key findings — clawdbot safety

- viral prompt injection tweet by @pseudotheos: 11.5K likes, 679K views
- 11 github security issues filed (#2992-#3002), mostly low-medium severity
- 90% of "got hacked" stories were user-caused (port forwarding, open DM policy, no sandbox)
- twitter API bearer token from feed-bots project hit monthly usage cap

## issues encountered

- message tool returning 401 on all sends (can't send media to discord via tool)
- twitter API usage cap exceeded on the feed-bots bearer token
- web_search missing brave API key