"Little lobster" kicked Anthropic in the foot

On March 24, Anthropic announced that Claude has gained “Computer Use” capabilities, allowing Claude to directly operate users’ Macs within Claude Cowork and Claude Code—opening files, using browsers, running development tools—all without any configuration. This feature is available in research preview to Pro and Max subscription users.

Since late February, Anthropic has released a series of intensive updates: issuing commands to Claude via Telegram and Discord (Claude Code Channels), assigning tasks from mobile devices (Dispatch), and remotely controlling Claude Code sessions (Remote Control).

Behind this wave of releases lies a significant catalyst: the open-source project OpenClaw (commonly known as “Lobster”). This tool, which can invoke AI tasks across platforms like WhatsApp, Telegram, Slack, and others, has rapidly gained popularity in recent months, stirring the open-source community and forcing Anthropic to reconsider product boundaries.

01 OpenClaw Redefines the Nature of Intelligent Agents

OpenClaw’s popularity is no accident; it taps into users’ most basic expectations for AI: stepping out of chat boxes and truly integrating into the physical desktop.

OpenClaw itself does not produce models; it acts as a hub connecting OpenAI and Anthropic models. However, its demonstrated potential has made Silicon Valley giants take notice. Nvidia CEO Jensen Huang called it “the next ChatGPT,” and quickly launched an enterprise version called NemoClaw; OpenAI directly recruited OpenClaw founder Peter Steinberger.

The surge in OpenClaw’s popularity has also spawned a large “Claws” ecosystem.

But security concerns have surfaced. Experts warn that giving AI full control over a computer significantly increases risk exposure—without warning mechanisms, AI could mistakenly delete critical files or execute dangerous commands. Digital Trends pointed out that OpenClaw’s complex configuration and hidden security risks mean it is currently just a “geek toy.” For ordinary users prioritizing stability and security, native integrated, more controlled commercial solutions are clearly more practical.

This reveals a harsh but effective survival rule in the current AI landscape: open-source projects handle the mine-clearing in uncharted territories, while commercial companies rapidly productize validated pathways. As discussed widely on social media, “Anthropic is almost daily porting OpenClaw features, and open-source software is shaping the product roadmaps of major tech companies.”

02 Intensive Counterattack: Anthropic’s Four Major Moves

Since late February, Anthropic has released four updates at an almost frenetic pace, each capable of reshaping productivity paradigms. While all focus on “remote” and “control,” they essentially build a complete neural system for Claude—from “brain” to “limbs.”

These remote control features emphasize different aspects:

• Remote Control: brings terminal sessions to mobile, enabling chat with Claude Code via external messaging apps, allowing users to code on the go.

• Dispatch: the mobile version of Cowork, more oriented toward productivity, remotely directing Claude Cowork’s work.

• Channels: a direct counter to OpenClaw, enabling users to command Claude Code directly within popular chat apps (IM).

• Computer Use: grants Claude visual recognition and physical control over the user’s computer.

Remote Control: Turning Mobile into a Remote Command Center

Released on February 25, Remote Control seamlessly connects local command-line environments with Claude on mobile and web interfaces. Developers can start tasks in the terminal and switch control to their phones or tablets at any time.

Previously, achieving similar results often required fiddling with Tailscale tunnels, configuring Termius for mobile access, or manually mounting Tmux sessions. Remote Control replaces these patchwork solutions with native streaming connections, eliminating port forwarding or VPN setup, and supports automatic reconnection during network fluctuations.

From a security perspective, it uses a mechanism where the desktop actively initiates connections and polls for commands—no inbound ports need to be open on the user’s machine. All source code and MCP servers stay local, with only encrypted chat messages and tool outputs transmitted through secure channels.

Claude Code product manager Noah Zweben describes this evolution as “walking, sunbathing, walking the dog without breaking your workflow.”

Claude Code Channels: Integrating Chat Apps with AI

On March 19, Claude Code Channels officially brought Claude into Discord and Telegram—direct response to OpenClaw.

Previously, commanding Claude relied on desktop or unstable remote plugins. Channels turn Claude into a “super employee” always on standby in your contacts, shifting interaction from synchronous “ask and wait” to asynchronous “collaborate autonomously.” This is enabled by Anthropic’s open-source standard launched in 2024—the Model Context Protocol (MCP). MCP servers act as bidirectional bridges: converting Telegram or Discord messages into logic events that Claude can process, and automatically pushing results back into chat windows.

X user @BentoBoi remarked that Claude’s update almost “eliminated” OpenClaw, rendering his dedicated AI 24/7 Mac Mini obsolete. Previously, geeks had to set up dedicated hardware as servers; now, native support reduces hardware costs and maintenance. AI blogger Matthew Berman summarized plainly: “They basically ‘built-in’ OpenClaw.”

This update sent shockwaves through the developer community. X user BentoBoi said that Claude’s integration almost “wiped out” OpenClaw, making his dedicated AI server hardware unnecessary. Native support means no more expensive hardware or complex maintenance.

Dispatch: Cross-Device Task Scheduling Layer

Launched on March 18, Dispatch adds cross-device task scheduling to Claude Cowork. Users can start conversations and give commands on their phones, then step away—whether jogging or commuting—while Claude quietly takes over in the background. According to official descriptions, it can automatically organize emails every morning, fetch business metrics weekly, or even infiltrate IDEs to modify code, run tests, and submit pull requests while users are on trains.

Media reports note that Dispatch is transforming mobile devices from mere execution tools into control consoles for desktop systems. Users no longer need to handle spreadsheets or code on small screens; instead, they act as “commanders,” with heavy tasks anchored on desktop computers, while mobile devices handle task assignment, progress monitoring, and result retrieval.

For data-sensitive enterprises, this design offers strategic advantages. Execution remains on the data’s original machine, avoiding the risks of frequent cross-device data transfer. The “local execution, cloud control” architecture balances mobility with security, narrowing exposure.

Computer Use: Enabling Claude to Operate Computers Directly

Released on March 24, Computer Use grants Claude visual recognition and physical control over the user’s computer, moving beyond preset APIs. When no direct interface is available, Claude “observes” the screen like a human, autonomously moving the mouse, clicking icons, and inputting text to automate workflows across applications.

In official demos, when users are late for meetings, Claude can find files, export PDFs, open calendars, create meetings, and upload attachments—all via voice commands.

This control also includes strict security measures. Anthropic has implemented real-time anomaly detection to prevent prompt injection attacks and seeks user permission before each critical action. The company admits that, at present, Claude operating the computer is like a “first-day intern”: slow, cautious, and prone to UI errors. But as one X user described, “It’s browsing your browser, filling out spreadsheets, doing everything you do at your desk. Its transition to full productivity will likely surpass everyone’s expectations.”

03 Building Barriers: Anthropic’s Strategic Approach

Behind these rapid iterations, Anthropic is constructing a robust competitive moat.

Unlike solutions that send all data to the cloud, whether Remote Control, Dispatch, or Computer Use, the core logic remains consistent: computation and storage stay on the user’s machine, with the cloud only handling command dispatch. This “local execution” obsession gives Claude a natural trust advantage when handling enterprise-sensitive data.

For heavily regulated industries like banking, healthcare, and law, AI efficiency is important, but “where work runs and what data it accesses” are the real thresholds. Anthropic’s cleverness lies in that, even with mobile remote control, the fundamental security model remains unchanged. Execution is anchored on the user-controlled machine, reducing risk scope and reassuring privacy-conscious giants.

Meanwhile, Anthropic employs a “dual-track” strategy in the agent race: hosting Claude Code Channels plugin code directly on GitHub and actively promoting the open-source Model Context Protocol (MCP). This signals a new trend in AI: proprietary engines operating on an open track.

The brilliance of this approach is:

1. The core is closed: Anthropic maintains full control over Claude’s algorithms, security, and output quality, ensuring a strong moat for commercial subscriptions.

2. The interface is open: through open-source MCP standards, it attracts global developers to build “universal connectors,” fostering an ecosystem that autonomously adapts models to countless tools.

This “crowdsourcing” strategy allows Anthropic to enjoy the stability of commercial software while absorbing innovations from the open-source community. As Hyperbolic co-founder Jin Yuchen said, Anthropic’s reason for not acquiring OpenClaw is simple: its goal is far beyond a single tool, aiming to enable AI to do “everything humans can do on a computer.”

Looking back at Q1 2026, Anthropic responded to open-source challenges with a dazzling combination of moves.

User expectations have also shifted. As one social media user lamented:

“In 2023, AI was answering questions; in 2024, AI was coding; in 2025, AI moved into desktop computers. By 2026, it’s waking up on time, opening apps, filling forms, and replying to emails daily. Watching it work so efficiently, I feel like I’ve become the bottleneck holding back progress.”

But this leap in capability also puts unprecedented pressure on security. Every step of AI evolution involves a game of permissions and risks. A model that only polishes text is obedient, but one that deeply intervenes in file systems, calls authentication, and works unattended raises enormous legal and ethical concerns.

Source: Tencent Tech

Risk Disclaimer and Terms of Use

Market risks are present; investments should be cautious. This article does not constitute personal investment advice and does not consider individual user’s specific investment goals, financial situation, or needs. Users should evaluate whether any opinions, views, or conclusions herein are suitable for their circumstances. Invest at your own risk.