RE: Some things I wish someone told me when I setup Openclaw

A VM is "usually" secure. It is isolated from your machine, but there is a small risk of code execution outside of the VM, it's extremely rare and usually is only a threat with very targeted attacks customized for you specifically. In general, it's safe.

Keeping it on a dedicated machine/VM is a very good move. I don't recommend it on your main machine you interact with.

It by nature is very insecure software, and you can lock it down or keep it as free as you want/need.

I have mine deployed in a VM on my Proxmox cluster, so if one fails another takes over in less than 3 minutes.