QClaw Safety Guide: Best Practices for Secure Usage

Guides 2026-04-01

Complete safety guide for QClaw users. Learn best practices for secure AI usage, permission management, and protecting your data. Essential security guide.

In this article

Introduction Understanding the Risks Essential Security Settings Best Practices Protecting Sensitive Data Recognizing Problems Emergency Procedures Channel Security Reporting Issues Security Checklist Resources Summary Use QClaw Safely

Introduction

QClaw can perform powerful actions on your computer. Following security best practices ensures you get the benefits while minimizing risks. This guide covers everything you need to stay safe.

Use QClaw safely: https://qclawsg.qq.com

Understanding the Risks

What QClaw Can Do

QClaw has significant capabilities:


✓ Read files on your computer
✓ Create and modify files
✓ Delete files
✓ Send emails
✓ Access websites
✓ Open applications
✓ Execute code

Potential Risks

Risk	Impact	Mitigation
Unauthorized file access	Data exposure	Permission controls
Accidental file deletion	Data loss	Approval workflows
Unauthorized messages	Reputation damage	Email approval
Security bypass	System compromise	Security Gateway

Essential Security Settings

Recommended Configuration


┌─────────────────────────────────────────────────────────────┐
│                    Recommended Security Settings               │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│  RISK THRESHOLD                                             │
│  ○ Low    - Maximum protection                              │
│  ● Medium - Balanced (Recommended)                         │
│  ○ High   - More autonomy, higher risk                      │
│                                                             │
│  AUTO-APPROVE LOW RISK                                      │
│  ☑ Enabled - Smooth workflow                                │
│                                                             │
│  REQUIRE APPROVAL FOR                                       │
│  ☑ File deletion                                           │
│  ☑ Email sending                                           │
│  ☑ System changes                                         │
│  ☑ External downloads                                      │
│                                                             │
│  [Save Settings]                                            │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Permission Strategy

Approach 1: Minimal Access (Highest Security)


File Access:
• Documents (read only)
• Downloads (read only)

Network:
• Web search only
• No downloads

Email:
• Draft only
• No sending

Approach 2: Balanced (Recommended)


File Access:
• Documents (read/write)
• Downloads (read/write)
• Desktop (read only)

Network:
• Allowed with confirmation

Email:
• Draft + approve for send

Approach 3: Full Access (Power Users)


File Access:
• All folders (read/write)

Network:
• Full access

Email:
• Send with confirmation

Best Practices

DO: Security Best Practices

1. Start Restrictive


Start with: Minimal Access
Gradually expand: As you build confidence
Never give: More access than needed

2. Review Regularly


DAILY:
□ Check operation log
□ Review any warnings

WEEKLY:
□ Review permission settings
□ Check for unusual activity

MONTHLY:
□ Audit security settings
□ Update passwords

3. Use Approval Workflows


Enable confirmations for:
✓ Deleting files
✓ Sending emails
✓ External downloads
✓ System changes
✓ App installations

4. Keep QClaw Updated


□ Enable auto-updates
□ Don't skip security patches
□ Check for updates weekly

DON'T: Common Mistakes

1. Don't Grant Full Access Immediately


❌ BAD: Give QClaw full system access on day 1
✅ GOOD: Start restrictive, expand as needed

2. Don't Skip Reviews


❌ BAD: Never check operation logs
✅ GOOD: Review daily, especially early on


❌ BAD: Tell QClaw passwords directly
✅ GOOD: Use secure credential managers

4. Don't Ignore Warnings


❌ BAD: Always approve even with warnings
✅ GOOD: Investigate warnings carefully

Protecting Sensitive Data

Sensitive Folders

Never grant QClaw access to:


✗ Financial records
✗ Password storage
✗ Medical documents
✗ Legal documents
✗ Tax returns
✗ Personal identification

Better Organization


Create a QClaw workspace:

~/QClawWork/         ← QClaw can access this
├── Projects/
├── Templates/
├── Temp/

Keep sensitive data elsewhere:
~/Documents/Private/  ← QClaw doesn't access
├── Financial/
├── Legal/
├── Personal/

Recognizing Problems

Warning Signs

Be alert for:

Sign	What It Means
Unexpected file access	QClaw doing something unusual
Unfamiliar files	Possible external access
Sent messages you didn't approve	Permission bypass
Unusual network activity	Potential exploit
QClaw requesting new permissions	Investigate first

Response Protocol


IF YOU NOTICE SOMETHING WRONG:

1. STOP - Don't approve further actions
2. PAUSE - Disable QClaw temporarily
3. REVIEW - Check operation log
4. REPORT - Contact support if needed
5. RESET - Restore default permissions

Emergency Procedures

If QClaw Does Something Unexpected


STEP 1: Pause QClaw
        Click pause button in app

STEP 2: Review Operation Log
        Settings → Security → Operation Log

STEP 3: Check What Was Affected
        • Files modified/deleted?
        • Messages sent?
        • System changes?

STEP 4: Take Remedial Action
        • Restore files from backup
        • Send apologies/retractions
        • Reset affected systems

STEP 5: Report to Support
        hi@sg.qclaw.qq.com

Emergency Stop


For immediate shutdown:

1. Close QClaw app (Force Quit if needed)
2. Disconnect channels in Settings
3. Revoke permissions
4. Contact support

Channel Security

Telegram Security


✓ Protect your bot token
✓ Don't share in public channels
✓ Use secret chats for sensitive topics
✓ Regularly revoke unused tokens

Reporting Issues

How to Report

If you notice a security issue:


EMAIL: hi@sg.qclaw.qq.com
SUBJECT: Security Issue Report

Include:
• What happened
• When it occurred
• What was affected
• Steps to reproduce (if known)

Bug Bounty

We take security seriously:


Responsible disclosure program:
• Email: security@sg.qclaw.qq.com
• Response: 24-48 hours
• Rewards: Bug bounty for verified issues

Security Checklist

Initial Setup

[ ] Set risk threshold to Medium
[ ] Enable approval for high-risk actions
[ ] Restrict file access initially
[ ] Review operation log regularly
[ ] Enable auto-updates

Ongoing Maintenance

[ ] Weekly: Review operation log
[ ] Monthly: Audit permissions
[ ] Quarterly: Security review
[ ] Update: Keep QClaw current
[ ] Backup: Regular file backups

Resources

Learn More

Get Help

In-app Help: Settings → Help
Email Support: hi@sg.qclaw.qq.com
Security Issues: security@sg.qclaw.qq.com
Discord: #support channel

Summary

Key Takeaways

Start restrictive - Minimal permissions initially
Review regularly - Check operation logs
Approve wisely - Don't auto-approve everything
Protect sensitive data - Keep it away from QClaw
Stay updated - Keep QClaw current

Use QClaw Safely

Download QClaw: https://qclawsg.qq.com

Your security is our priority: https://qclawsg.qq.com

Stay safe, stay productive: https://qclawsg.qq.com