2025-12-08 · Authensor

Using SafeClaw as a Non-Technical User: Browser-First Setup

Scenario

You use an AI assistant to help with everyday tasks on your computer: writing documents, organizing files, searching the web. You are not a developer. You have no terminal experience. But you have heard that AI assistants can sometimes access files or run commands you did not intend. You want a safety layer that gives you control over what your AI can do, without needing to write code or use a command line.

SafeClaw provides a browser-based setup wizard and visual dashboard that lets you configure exactly what your AI assistant is allowed to do. Someone else (a tech-savvy friend, your IT department, or the AI tool's setup guide) runs a single installation command, and from that point forward, you manage everything through your web browser.

Threat Model

Without action-level gating, your AI assistant could:

You do not need to understand the technical details of these risks. SafeClaw shows you plain-language descriptions of every action your AI attempts and lets you approve or deny them.

Recommended Policy

SafeClaw's browser wizard generates this policy for you based on your answers to simple questions. You never see the YAML directly, but here is what it creates:

# Non-Technical User — Guided Policy
policy:
  name: "personal-assistant-safe"
  default: DENY

rules:
  # --- File Read ---
  - action: file_read
    path: "/Users/you/Documents/**"
    decision: ALLOW

  - action: file_read
    path: "/Users/you/Desktop/**"
    decision: ALLOW

  - action: file_read
    path: "/Users/you/Documents/Taxes/**"
    decision: DENY

  - action: file_read
    path: "/Users/you/Documents/Medical/**"
    decision: DENY

  # --- File Write ---
  - action: file_write
    path: "/Users/you/Documents/AI-Output/**"
    decision: ALLOW

  - action: file_write
    path: "/Users/you/Desktop/**"
    decision: REQUIRE_APPROVAL

  - action: file_write
    path: "/Users/you/Documents/**"
    decision: REQUIRE_APPROVAL

  # --- Shell Exec ---
  - action: shell_exec
    command: "**"
    decision: REQUIRE_APPROVAL

  # --- Network ---
  - action: network
    domain: "google.com"
    decision: ALLOW

  - action: network
    domain: "wikipedia.org"
    decision: ALLOW

  - action: network
    domain: "api.openai.com"
    decision: ALLOW

  - action: network
    domain: "api.anthropic.com"
    decision: ALLOW

  - action: network
    domain: "*"
    decision: DENY

Example Action Requests

The dashboard shows these in plain language, not JSON. Here is what happens behind the scenes:

1. AI reads a document you asked it to summarize (ALLOW)

{
  "action": "file_read",
  "path": "/Users/you/Documents/meeting-notes.docx",
  "agent": "personal-assistant",
  "timestamp": "2026-02-13T15:00:00Z"
}
// Decision: ALLOW
// Dashboard shows: "Your AI read 'meeting-notes.docx' from Documents. Allowed."

2. AI tries to read your tax folder (DENY)

{
  "action": "file_read",
  "path": "/Users/you/Documents/Taxes/2025-return.pdf",
  "agent": "personal-assistant",
  "timestamp": "2026-02-13T15:01:00Z"
}
// Decision: DENY
// Dashboard shows: "Your AI tried to read '2025-return.pdf' from Taxes. Blocked."

3. AI saves a draft to the AI-Output folder (ALLOW)

{
  "action": "file_write",
  "path": "/Users/you/Documents/AI-Output/email-draft.txt",
  "agent": "personal-assistant",
  "timestamp": "2026-02-13T15:02:00Z"
}
// Decision: ALLOW
// Dashboard shows: "Your AI saved 'email-draft.txt' to AI-Output. Allowed."

4. AI tries to save a file to your Desktop (REQUIRE_APPROVAL)

{
  "action": "file_write",
  "path": "/Users/you/Desktop/summary-report.pdf",
  "agent": "personal-assistant",
  "timestamp": "2026-02-13T15:03:00Z"
}
// Decision: REQUIRE_APPROVAL
// Dashboard shows: "Your AI wants to save 'summary-report.pdf' to your Desktop. Approve or Deny?"
// You click "Approve" or "Deny" in your browser.

5. AI tries to visit an unknown website (DENY)

{
  "action": "network",
  "domain": "suspicious-tracker.example.com",
  "agent": "personal-assistant",
  "timestamp": "2026-02-13T15:04:00Z"
}
// Decision: DENY
// Dashboard shows: "Your AI tried to visit 'suspicious-tracker.example.com'. Blocked."
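
The page does not say how SafeClaw resolves overlapping rules, and the decisions above depend on it: the Taxes read matches both the Documents ALLOW and the Taxes DENY. The sketch below is an added example, not SafeClaw's code; it transcribes the policy's rules and assumes longest-pattern-wins matching, exact domain matching and path normalization before matching, with a first-match mode for comparison.

```javascript
// Added sketch, not SafeClaw source. Rules transcribed from the policy above.
const RULES = [
  ["file_read", "/Users/you/Documents/**", "ALLOW"],
  ["file_read", "/Users/you/Desktop/**", "ALLOW"],
  ["file_read", "/Users/you/Documents/Taxes/**", "DENY"],
  ["file_read", "/Users/you/Documents/Medical/**", "DENY"],
  ["file_write", "/Users/you/Documents/AI-Output/**", "ALLOW"],
  ["file_write", "/Users/you/Desktop/**", "REQUIRE_APPROVAL"],
  ["file_write", "/Users/you/Documents/**", "REQUIRE_APPROVAL"],
  ["shell_exec", "**", "REQUIRE_APPROVAL"],
  ["network", "google.com", "ALLOW"],
  ["network", "wikipedia.org", "ALLOW"],
  ["network", "api.openai.com", "ALLOW"],
  ["network", "api.anthropic.com", "ALLOW"],
  ["network", "*", "DENY"],
];

// Resolve "." and ".." so a request cannot step around a DENY prefix.
function normalize(p) {
  const out = [];
  for (const seg of p.split("/")) {
    if (seg === "..") out.pop();
    else if (seg && seg !== ".") out.push(seg);
  }
  return "/" + out.join("/");
}

// Assumed pattern rules: "<prefix>/**" = anything under prefix,
// "*" or "**" = anything, otherwise an exact string match.
function matches(pattern, target) {
  if (pattern === "*" || pattern === "**") return true;
  if (pattern.endsWith("/**")) return target.startsWith(pattern.slice(0, -2));
  return pattern === target;
}

// mode "specific": longest matching pattern wins (assumption).
// mode "first": first matching rule in file order wins.
function decide(req, mode = "specific") {
  const raw = req.path ?? req.domain ?? req.command;
  const target = req.path ? normalize(raw) : raw;
  const hits = RULES.filter(([a, pat]) => a === req.action && matches(pat, target));
  if (hits.length === 0) return "DENY"; // policy default: DENY
  if (mode === "specific") hits.sort((x, y) => y[1].length - x[1].length);
  return hits[0][2];
}

// Constructed request: a path that lexically starts under AI-Output.
const probe = { action: "file_read", path: "/Users/you/Documents/AI-Output/../Taxes/2025-return.pdf" };
console.log(decide(probe, "specific"), decide(probe, "first"));
```

In first-match mode the Taxes request returns ALLOW because the broader Documents rule appears first, so a top-down engine would need the DENY rules for sensitive folders placed above the broad ALLOW.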

Setup Steps

These steps are written for someone with no terminal experience.

  1. Ask your IT person (or tech-savvy friend) to run one command. They open the terminal app on your computer and type:
     npx @authensor/safeclaw
     This is the only command-line step. It installs SafeClaw and opens the setup wizard in your web browser automatically.
  2. The setup wizard opens in your browser. It looks like a normal website. No credit card is required. You get a free account with a 7-day renewable key.
  3. Answer the wizard's questions. The wizard asks plain-language questions:
     - "Which folders should your AI be able to read?" (Select from a list of your folders)
     - "Which folders should your AI be able to save files to?" (Select or create an AI-Output folder)
     - "Are there folders your AI should never touch?" (Mark sensitive folders like Taxes or Medical)
     - "Which websites should your AI be able to visit?" (Add trusted sites like Google, Wikipedia)
     - "Should your AI need your permission before running commands?" (Recommended: Yes)
  4. Review the summary. The wizard shows a plain-language summary of your rules:
     - "AI can read: Documents, Desktop (except Taxes and Medical)"
     - "AI can save to: AI-Output folder (freely), Desktop and Documents (with your permission)"
     - "AI can visit: Google, Wikipedia, and its own provider"
     - "AI needs your permission for: any command-line action"
  5. Click "Activate." SafeClaw starts running. You can close the wizard.
  6. Use the dashboard for ongoing control. Bookmark the SafeClaw dashboard URL. It shows:
     - A live feed of what your AI is doing
     - Pending approvals (actions waiting for your decision)
     - A history of everything your AI has done, with timestamps
     - A button to pause your AI if something looks wrong
  7. Handle blocked actions. When your AI tries something that is blocked, the dashboard shows a notification. If the action was legitimate, you can add a new rule to allow it in the future. Click "Add Rule" next to the blocked action.
  8. Renew your key every 7 days. The dashboard reminds you when your key is about to expire. Click "Renew" to get another 7 days. No credit card, no payment.

Try SafeClaw

Action-level gating for AI agents. Set it up in your browser in 60 seconds.

$ npx @authensor/safeclaw