Part 1 of a series on running AI agents on real infrastructure without regretting it.

I've spent 20+ years administering infrastructure — Windows NT to Win2000 to well, you get it...PCAnywhere 😬... VMware, Nutanix, Azure, security hardening. I thought I understood untrusted actors on a network.

Then I gave an AI agent write access to its own config files, and it taught me the lesson again from scratch.

The setup

I run a self-hosted AI assistant — I call it "The Doctor" (Voyager and Tardis ref.) — in an OpenClaw container on a Hostinger VPS. It's a hobby project: part experiment, part obsession, part fun excuse to learn agentic architecture hands-on. The assistant talks to LLMs through an API gateway, authenticated with an API key stored in its config. I mean, if you're here, you prolly know already...