undefined | Better HN

0 pointsanon848736281mo ago0 comments

Can you help me understand which of these happened?

1) Open Claw has a Google OAuth client id that users are signing in with. (This seems unlikely because why would Google have approved the client or not banned it)

2) Users are creating their own OAuth client id for signing themselves into Open Claw. (Again, why would these clients be able to use APIs Google doesn't want them to?)

3) Users are taking a token minted with the Antigravity client and using it in Open Claw to call "private" APIs.

Assuming it's #3, how is that physically accomplished? And then how does Google figure out it happened?

0 comments

moontear1mo ago

"how does Google figure out it happened" - no insider knowledge, but the calls Claw makes are very different than the regular IDE, so the calls and volume alone would be an indicator. Maybe Google has even updated their Antigravity IDEs to just include some other User Agent, that Claw auth does not have.

Everything just guesswork, but I don't think it is too hard to figure out whether it is Antigravity calling the APIs or any Claw.

j / k navigate · click thread line to collapse