Did OpenClaw Empty Your Wallet Overnight? Finally, Someone Takes Control!

Vercel has become a new partner of OpenClaw, which also provides inspiration for Tencent, Alibaba, and Baidu.

OpenClaw's official account posted an X saying that large-scale open source requires partners. Then Vercel stepped forward to help OpenClaw and Clawhub. People's first reaction was generally "Who is Vercel?"

In a nutshell, Vercel is a well-known American front-end and AI cloud platform provider, specializing in one-stop services for building, deploying, and hosting web applications and AI projects.

OpenClaw is undoubtedly very powerful and can help you solve many practical problems you can't even imagine.

However, powerful tools often come with risks. The essence of OpenClaw is "handing over your computer permissions to an AI".

OpenClaw needs to access the file system, execute commands, and connect to various APIs.

This means that in theory, it can delete your important files, push private code to public repositories, and even access your payment information.

OpenClaw decides how to complete tasks on its own, but this process is a black box for users.

It may choose the wrong tools, leading to unexpected consequences, or be induced by malicious Skills to perform dangerous operations.

Finally, and most importantly, its cost is extremely high.

I experienced this firsthand. An automatic news writing function for AI circle news implemented with OpenClaw cost me a full 200 yuan in tokens in less than 24 hours.

OpenClaw continuously calls AI model APIs. Without restrictions, the cost can reach thousands of yuan a day.

Vercel is developing a new type of cloud service, tentatively called agent cloud.

This agent cloud exactly solves all the pain points of OpenClaw.

At the same time, Vercel also provides inspiration for Chinese cloud providers such as Alibaba Cloud, Tencent Cloud, and Baidu Cloud.

01 The Revolution and Hidden Dangers of OpenClaw

Vercel provides a solution called Sandbox. Essentially, it is an isolated micro-virtual machine that allows OpenClaw to run in a space completely isolated from the local environment.

That is to say, even if OpenClaw is attacked or malfunctions, it cannot access local files.

The HTTPS ports are controllable, only specific network ports are opened, rather than the entire system's network permissions. The timeout mechanism can set an automatic shutdown time to prevent out-of-control processes from running for a long time. And after deleting the Sandbox, all data is completely cleared without leaving any traces locally.

This architecture is like putting OpenClaw as the brain in the cloud, and your local device is the remote control.

Your local computer does not store OpenClaw and will not be directly operated by it. Even if OpenClaw is invaded, the attacker is only in the Sandbox and cannot reach your hard drive and system. You can also close the Sandbox at any time.

OpenClaw has a Skill called web-hosting, which allows OpenClaw to automatically complete the entire process from code to deployment.

When this Skill is combined with Vercel, it automatically creates a GitHub repository (in the cloud, not on your local machine), automatically configures a Vercel project (on the Vercel platform, not the local system), and automatically deploys and binds a domain name. All operations are performed in the cloud, and OpenClaw will never touch your local file system.

The advantage of Vercel lies in its Git push-to-deploy feature.

It is deeply integrated with GitHub. After code submission, it is automatically built and deployed without manual file upload. A preview environment is automatically generated, and each branch has an independent preview link, making collaboration more convenient. There is no need for operation and maintenance, and you don't need to worry about server configuration, security patches, capacity expansion, etc.

At this point, you may be wondering, "Well, this is really convenient, but there are already many one-click cloud solutions for OpenClaw on the market. They can use OpenClaw's mirror application to keep all operations and data in the cloud."

Vercel can do even more. Its AI Gateway function gives you control. It can uniformly monitor the cost of AI calls and prevent the API bill from skyrocketing due to OpenClaw's out-of-control.

It can also set a running rate limit for OpenClaw to prevent it from being called frequently by malicious Skills.

The most important thing is that it can centrally manage all your API Keys, so you no longer need to distribute keys to each Skill separately.

OpenClaw represents the rise of personal AI agents, and what Vercel wants to do is to be the infrastructure for hosting these agents. The combination of the two exactly covers the complete chain of local intelligence and cloud execution.

In terms of security, there are drawbacks to the cloud-based OpenClaw deployed by traditional cloud providers.

OpenClaw runs directly on the cloud server. Although there is isolation, it is still under the same account system.

Once OpenClaw obtains the cloud server permissions, in theory, it can operate other resources under this account. This requires you to configure firewalls, security groups, etc. by yourself.

The advantage of Vercel's solution lies in the MicroVM-level isolation. OpenClaw runs in an independent virtual machine, completely isolated from local and other cloud resources. Even if OpenClaw is attacked, it cannot access the user's local files or other cloud services.

You can set an automatic shutdown time to prevent risks caused by long-term operation. After deleting the Sandbox, all data is completely cleared.

The following three sentences were written by me when deploying OpenClaw in the Vercel environment, using the Claude Opus 4.6 model.

Using OpenClaw alone is like having a sports car without brakes - it's very fast, but it may crash at any time.

Using Vercel alone is like having a well-maintained highway - the road conditions are good, but you need to drive by yourself.

The combination of the two is like an autonomous vehicle driving on an intelligent highway - it has both speed and safety.

02 The Agent Cloud is Needed in the Agent Era

Looking back at Vercel's evolution, you'll find that this company was destined to move towards the agent cloud from the very beginning, and OpenClaw only accelerated this process.

Vercel has a creed that infrastructure should grow naturally from code, rather than being manually configured.

So they proposed an architecture called Framework-defined Infrastructure.

Specifically, when you write Next.js code, Vercel automatically configures servers, CDNs, and edge nodes for you. There's no need to write Terraform configurations or click console buttons. Code is infrastructure.

However, in the AI era, this concept is actually a bit outdated.

Because traditional applications are static, and their functions are determined once the code is written. Agents are dynamic. They make autonomous decisions based on user input, call tools on their own, and generate code. Their behavior is not completely predictable.

So Vercel proposed a new architecture called Self-driving infrastructure, hereinafter referred to as agent cloud.

In traditional clouds, you configure resources and run programs. In the agent cloud, agents automatically apply for resources, scale up and down, and optimize according to task requirements.

OpenClaw is useful, but you can't predict the changes the model will bring. Well, let the agent cloud handle it.

Vercel's agent cloud has a four-layer architecture.

The First Layer is the Development Layer (AI SDK + v0)

The AI SDK is essentially a set of AI development toolkits that make it easier for developers to add AI capabilities to applications.

It has several very practical functions. For example, if you want to replace GPT with Claude, you only need to change one line of code, and nothing else needs to be modified. The AI can also call external tools, such as checking the weather or searching databases.

This AI SDK can also orchestrate tasks for you. You can set the order in which tasks are executed or execute multiple tasks simultaneously.

v0 is an AI tool that helps you quickly build interfaces.

You only need to describe what you want in plain language, such as "Create a data dashboard with a sidebar", and it can directly generate complete web page code.

Moreover, it doesn't just generate code. You can also preview the effect in real-time. If you're not satisfied with something, just tell it to make changes, and you can deploy it online right after the changes are made.

The Second Layer is the Runtime Layer (FluidCompute)

Traditional Serverless has a big problem, which is cold start.

Functions go into hibernation after being idle for a long time and need to be reloaded when called again, causing a delay of a few seconds.

However, the working mode of agents is completely different from the common software working mode in the past. They are mostly in a waiting state (waiting for user input or API responses). Once triggered, they need to respond quickly and may suddenly receive a large number of requests (such as processing 100 users' queries simultaneously).

FluidCompute was developed to solve this contradiction.

A traditional cloud is like renting a car every time you need to use it. You have to go through the formalities before you can drive, which is the delay of cold start. FluidCompute is like having your car parked right in front of your door, ready to go at any time. Even better, you can use one car to carry multiple friends at the same time, instead of one car for each friend.

In terms of cost, the traditional way charges continuously during the rental period, while FluidCompute only charges when the car is actually moving. It doesn't charge when waiting at traffic lights or for someone.

According to Vercel's data, this method can save 90% of the cost.

The Third Layer is the Management and Control Layer (AI Gateway + Vercel agent)

As mentioned before, the AI Gateway is the control center for AI models. It provides unified access, allowing you to call multiple model providers with one API Key.

It can perform intelligent routing, using cheaper models for simple problems and advanced models for complex problems. It can also automatically switch to a backup provider in case of a failure of the main provider. At the same time, it controls costs, sets rate limits, and prevents the bill from skyrocketing.

The Vercel agent is responsible for operation and maintenance. It conducts code reviews, automatically detects bugs and security vulnerabilities before submission, and issues automatic alerts when problems are found.

The Fourth Layer is the Ecosystem Layer (Marketplace + Sandbox)

The Marketplace is an agent application store where developers can publish their own agents or install third-party agents (such as data analysis agents and customer service agents) with one click.

The Sandbox provides an isolated environment for agents like OpenClaw.

The essential difference between the agent cloud and the traditional cloud is that the core assumption of the traditional cloud is that applications are deterministic.

In the traditional cloud, resource management is manually configured with preset rules. The billing model is based on resource specifications (CPU/memory). The operation and maintenance method is manual monitoring and manual handling of failures. The development experience requires configuring servers, networks, and security groups.

In the agent cloud, agents make autonomous decisions.

The traditional cloud sells computing resources such as servers, bandwidth, and storage, while the agent cloud sells an intelligent execution environment.

03 The Inspiration from Vercel

In my opinion, Vercel was able to win over OpenClaw because it has some advanced product concepts.

The most prominent one is its excellent user experience, which is also the biggest problem for Chinese cloud providers.

When you open the console of a domestic cloud server, the first thing you see is hundreds of function buttons, and the entry for Serverless is deeply buried in an inconspicuous corner.

This forms a sharp contrast with the simple experience of Cloudflare or Vercel, where you can deploy applications as soon as you log in.

It's true that Chinese cloud providers' cloud computing products were initially targeted at large enterprise customers and tend to build comprehensive and complex PaaS solutions.

This is the opposite of Vercel, which has always focused on a single core scenario, enabling front-end developers to deploy applications as quickly as possible.

Actually, there's no need to cover all functions. It's enough to do the core scenario extremely well.

Learning from Vercel's zero-configuration concept, developers only need to write code, and everything else is automated. Provide a dedicated entry for one-click agent deployment, support Git-native deployment, and be deeply integrated with GitHub and Gitee. Applications are automatically built and deployed once the code is submitted.

Automatically generate preview environments, with independent URLs for each branch. Applications are automatically deployed to production after being merged into the main branch.

Then, present error messages in plain language instead of throwing API error codes. Provide one-click repair suggestions instead of making developers look up the documentation.

Tencent Cloud's Lighthouse's one-click OpenClaw deployment is a good attempt, but this experience needs to be extended to more scenarios.

The second point is the lack of a front-end framework ecosystem.

Vercel has developed a positive cycle between the framework and the platform by developing the Next.js framework. Developers who write code with Next.js naturally choose Vercel for deployment; Vercel optimizes the infrastructure for Next.js, making developers rely on Vercel.

Chinese cloud providers need to invest in or develop their own front-end frameworks. Alibaba can deeply integrate Ant Design and Umi.js, and Tencent can base on TDesign and develop its own framework.

The goal should be to make the framework the best running environment for the platform. Drive the use of the cloud platform through the framework ecosystem. There's no need to be compatible with all frameworks. Instead, deeply integrate 1 - 2 core frameworks to achieve the best experience.

I think Baidu Cloud has the best experience in this regard.

The third challenge is the infrastructure specifically optimized for agents.

Chinese cloud providers' Serverless is designed based on the traditional application model (long-term operation, stable traffic), but as mentioned before, the working mode of agents is completely different.

It is necessary to develop dedicated computing units for agents, similar to the product features of Vercel FluidCompute, to adapt to the workflow of the agent era.

The fourth challenge is to change developers' working methods.

In the past, you had to write code line by line. Now, with Vercel's v0 mode, you can simply describe your requirements verbally, and once the code is generated, you can click to deploy it online.

Chinese cloud providers should also develop similar features and optimize them for Chinese users, so that Chinese people can generate web pages by describing their requirements in Chinese.

There should also be an intelligent assistant to help you check if the code has problems, is secure, and where it can be optimized, just like having a 24/7 technical

该文观点仅代表作者本人，36氪平台仅提供信息存储空间服务。