Tayfun Coskun/Anadolu Agency via Getty Images
- Meta's alignment director, Summer Yue, hooked OpenClaw up to her inbox. Then, the bot tried to delete her emails.
- "I had to RUN to my Mac mini like I was defusing a bomb," Yue wrote on X.
- Some critics questioned why an AI safety researcher used OpenClaw at all. The buzzy project has drawn security concerns.
Even the people hired to keep AI aligned can't always keep it in line.
Meta's Summer Yue has been testing OpenClaw, a popular open-source AI agent capable of working 24/7 on behalf of its users. Then the bot went out of control, according to photos she posted on X. It ended up planning to delete her emails — and wouldn't stop after being directed to.
In her X post, Yue's OpenClaw bot said that it would "trash EVERYTHING in inbox older than Feb 15 that isn't already in my keep list."
Yue tried multiple times to stop it. First, she messaged the AI agent, "Do not do that." As the bot kept planning to delete her inbox, she wrote, "STOP OPENCLAW."
"I couldn't stop it from my phone," Yue wrote in her post. "I had to RUN to my Mac mini like I was defusing a bomb."
Nothing humbles you like telling your OpenClaw “confirm before acting” and watching it speedrun deleting your inbox. I couldn’t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb. pic.twitter.com/XAxyRwPJ5R
— Summer Yue (@summeryue0) February 23, 2026
Yue had previously tried OpenClaw on her "toy inbox," where she wrote that the bot worked well and gained her trust. Testing it on her "real inbox," the bot had to compact a much larger set of emails. She instructed it not to take action without approval, but OpenClaw lost the prompt during compaction, she wrote.
Yue joined Meta after its deal with Scale AI as a director of alignment of its Superintelligence Labs division, according to her LinkedIn profile. That's left some critics on social media confused: why would someone studying AI safety use such an AI agent that has previously drawn security concerns?
Unlike other AI agents, OpenClaw does not need human approval to sign off on actions. It was also vibe-coded, and that combined with OpenClaw's level of system access has led some AI researchers to question the bot's security. AI researcher Gary Marcus told Business Insider that it was like "giving full access to your computer and all your passwords to a guy you met at a bar who says he can help you out."
OpenClaw creator Peter Steinberger, who has since been hired by OpenAI, recently said in a podcast interview that he was prioritizing building out additional security safeguards over ease-of-use features.
Though it's not altogether surprising that someone working in AI would test out one of the buzziest AI products of the last year, some X users criticized Yue for hooking up OpenClaw to her real email in the first place. Ben Hylak, the cofounder of Raindrop AI and an Apple alum, posted a screenshot of her LinkedIn. "This should terrify you," he wrote. "What is Meta doing?"
"Somewhat concerning that a person whose job is AI alignment is surprised when an AI doesn't precisely follow verbal instructions," another X user wrote.
You can't make this up. And this happened to a someone working on safety and alignment at META Superintelligence Lab.
— JFPuget 🇺🇦🇨🇦🇬🇱 (@JFPuget) February 23, 2026
I don't get how people can let AI agents go on unsupervised like this.
I'll stick to my supervised use of AI for now. pic.twitter.com/tWvQFd1NP5
Yue and Meta didn't respond to requests for comment from Business Insider.
Yue also isn't the only Meta employee to toy around with OpenClaw; creator Peter Steinberger said that Mark Zuckerberg played with the tool for a week and even sent feedback. While Meta courted him, Steinberger later accepted a job offer from OpenAI.
In the comments of Yue's post, someone asked about her AI alignment role. "Were you intentionally testing its guardrails or did you make a rookie mistake?" they wrote.
"Rookie mistake tbh," Yue responded. "Turns out alignment researchers aren't immune to misalignment."