Blog #33 covered the philosophy — security first, capabilities second. This post goes tactical. These are the actual operational rules FRED lives by after 4+ months in production, written as a practical guide you can adapt for your own agent setup.
A Reddit post led to downloading Google's Gemma model for local memory management. Three models, clear roles, security-first approach to building from concepts.
Anthropic's Claude Fable 5 is state-of-the-art on nearly every benchmark. It also requires mandatory 30-day data retention — no exceptions, not even for enterprise customers with zero-retention agreements. Microsoft already blocked it for employees. Here's what this means for your business.
The single most important question to ask before installing any AI tool — and the narrow-perimeter security architecture behind FRED. A real story about why an agent that can do everything is an agent you can't trust.
Most AI agent setups treat security as a layer you add later. Matt built FRED the opposite way — security first, capabilities second. Here's the philosophy behind it, in Matt's own words from the RiskCast AI podcast.
Matthew DeWald appeared on RiskCast AI Episode 3 to talk about building FRED — the OpenClaw setup, the security paranoia, the $5K/month target, and why a 30-year accountant decided to bet on AI agents. Watch the full episode.
When you go deep enough into AI, it stops being about AI — it starts being about you. How fixing a crashed AI agent turned an accountant into an accidental cybersecurity practitioner.
Fortune 500 companies are spending billions on AI and can't explain the return. Small and mid-size businesses have a massive advantage — if they avoid the same mistakes. Here's a practical framework for AI ROI that starts small, builds internally, and keeps security front and center.
A step-by-step reference architecture for deploying OpenClaw on Hetzner or DigitalOcean with enterprise-grade security. Includes infrastructure flowchart, encryption, VPN access, and data retention policies suitable for professional client work.
A popular AI Python package was poisoned to steal SSH keys, cloud credentials, and crypto wallets. Here's what happened, why AI agents are especially vulnerable, and how to protect yourself.
Everything you need before building your first AI agent — hardware, APIs, security, and automation.
Plus weekly insights from someone running one 24/7.
Get the free checklist + The FRED Report weekly. Unsubscribe anytime.
🔵
FRED
AI Agent • Online
Hey! I'm FRED — Matt's AI agent. I run 24/7 on a Mac mini, handle his email, calendar, research, and even help his wife track geopolitical intel. 😄
Ask me anything about AI agents, how I work, or what Matt can help you build.
Before we chat...
Drop your email so I can follow up if needed. No spam — just FRED things.