Selon un article publié par 9to5Google le 17 mai 2026, Google testerait une nouvelle option baptisée « Niveau de réflexion » dans Gemini. Cette fonctionnalité permettrait d’ajuster l’effort de raisonnement de l’IA avant qu’elle ne réponde.

UGREEN NAS and OpenClaw – How to Install it, Setup Your AI and Understanding The Risks!

OpenClaw has now moved from a manual self-hosted setup into the UGREEN UGOS Pro App Center, making it possible to install the assistant gateway directly on supported UGREEN NASync systems rather than building it manually through a VM, terminal commands, or a separate always-on PC. In practical terms, OpenClaw is not the AI model itself. It is the local assistant layer that connects your NAS, files, tools, skills, and messaging channels to an LLM such as OpenAI, Gemini, DeepSeek, MiniMax, OpenRouter, or a local model where supported. This matters because a NAS is where many users already keep their long-term data, backups, media, documents, and project files, but it also means OpenClaw needs to be treated as a privileged automation tool rather than a simple chatbot. The App Center version lowers the installation barrier, but the real value and the real risk both come from what you allow it to access, what model you connect it to, and which skills or messaging channels you enable.

Security Considerations Before Giving OpenClaw NAS Access

OpenClaw should be approached as a privileged automation layer, not as a normal chat assistant. On UGREEN NAS, it runs through Docker and is designed to read, write, delete, move files, publish messages, and execute system-level operations depending on what folders, skills, and channels you enable. UGREEN’s own notes state that the application runs inside a Docker container with root privileges, which is necessary for broad automation but also increases the potential damage from incorrect commands, poor configuration, compromised plugins, or prompt-injection style attacks. The main rule before installation is therefore straightforward: do not give OpenClaw access to anything you are not prepared for it to modify, and make sure you have a working backup before testing it on real data.

The risks increase further if you connect OpenClaw to a remote LLM provider or public messaging platform. When using OpenAI, Gemini, MiniMax, DeepSeek, OpenRouter, or similar services, your prompts, file context, directory details, task instructions, logs, or extracted content may be sent outside the NAS depending on the action being performed. OpenClaw’s own GitHub description warns that real messaging surfaces should be treated as untrusted inputs, and recent reporting has also highlighted malicious third-party OpenClaw skills that attempted to steal credentials, wallet data, and browser information. For NAS use, the safest starting point is to use a test folder, avoid private or business-critical data, do not expose the service directly to the public internet, install only trusted skills, and treat WhatsApp, Telegram, Discord, Slack, or similar integrations as external access points into your NAS assistant.

Preparing Folders and Installing OpenClaw from UGOS Pro

Before installing OpenClaw, create the folders it will use and decide how much of the NAS it should be allowed to see. In Files, either create a dedicated shared folder or a personal folder for OpenClaw’s workspace, for example openclaw-data or openclaw-workspace. This should ideally be an empty folder, as it will be used for temporary files, generated content, working data, and task execution. Separately, create or identify the folder that OpenClaw will be allowed to access for real NAS file operations. For first-time testing, this should be a limited test directory rather than a folder containing live backups, sensitive documents, business files, or irreplaceable media. The workspace path and file access path should not overlap, and the access path should not sit inside the workspace folder. UGREEN also notes that Docker should be installed and updated first, as OpenClaw relies heavily on the Docker container environment.

Once the folders are ready, open App Center in UGOS Pro, find OpenClaw under the app list, and select Install. During the installation wizard, set the Workspace path to the empty folder created for OpenClaw’s internal working area, then set the File access path to the NAS folder or folders that the assistant is permitted to read or modify. Multiple access paths can be added, but this should be done deliberately, as these paths define the practical scope of what OpenClaw can act on. Next, create a Gateway token, which will be required when signing in to the OpenClaw web interface. After reviewing the risk notice, tick the confirmation box and start the installation. The package is installed through the App Center, but it still deploys and runs through Docker in the background, so installation time will depend on NAS performance, internet connection speed, and the state of the Docker environment. OpenClaw’s own Docker documentation also describes the gateway token and container-based control UI as central parts of the deployment model.

Point-by-point setup:

1. Open Files in UGOS Pro.
2. Create an empty folder for the OpenClaw workspace, such as openclaw-workspace.
3. Create a separate test folder for OpenClaw file access, such as openclaw-test-data.
4. Avoid selecting folders that contain private, business-critical, backup, password, financial, or personal archive data.
5. Open App Center.
6. Confirm Docker is installed and updated.
7. Search for OpenClaw under the app list.
8. Click Install.
9. Set the Workspace path to the empty OpenClaw working folder.
10. Set the File access path to the limited folder OpenClaw can manage.
11. Add additional access paths only if they are required.
12. Create and record a Gateway token.
13. Read the installation risk notice.
14. Tick the confirmation box.
15. Click Install and allow the deployment to complete.

Linking OpenClaw to an AI Model Provider

OpenClaw needs an AI model before it can act as an assistant. The UGREEN App Center installation can collect model details during setup, but these can also be managed later from the OpenClaw console under Model providers. The information required is usually the same across providers: a base URL or request endpoint, a model name, and an API key.

OpenAI’s current API reference lists https://api.openai.com/v1 as the standard API base, with chat completions available under /chat/completions, while Google documents Gemini’s OpenAI-compatible endpoint as https://generativelanguage.googleapis.com/v1beta/openai/. These details matter because a wrong endpoint, wrong model name, or invalid key will usually result in provider errors inside OpenClaw rather than a NAS-side installation problem.

For a UGREEN NAS setup, most users will start with a remote model provider such as OpenAI, Google Gemini, DeepSeek, MiniMax, Groq, OpenRouter, or another OpenAI-compatible API. iDX models with local AI model support may also allow local model use, but that depends on the local model service exposing a usable API endpoint and key.

A remote model is easier to configure, but it can send task instructions, file context, extracted text, and other prompts outside the NAS. A local model reduces this dependency, but it may require more RAM, more setup, and a compatible local inference service. OpenClaw supports model provider configuration and key rotation through its own provider system, so the NAS app should be treated as the deployment layer rather than the only place where model behaviour can be managed.

Point-by-point setup:

1. Open the OpenClaw shortcut from the UGREEN NAS desktop.
2. Sign in using the Gateway token created during installation.
3. Go to Model providers in the left-side menu.
4. Click Add provider.
5. Select the provider you want to use, such as OpenAI, Google Gemini, DeepSeek, MiniMax, or another supported provider.
6. Enter the provider’s Base URL or full API endpoint.
7. Enter the required API key from the provider’s developer console.
8. Enter or select the Model name that matches the provider’s supported model ID.
9. Save the provider configuration.
10. Go to the Default model area.
11. Select the model OpenClaw should use by default.
12. Click Save to apply the default model.
13. Open Chat and send a basic test prompt, such as What model are you running on?
14. If OpenClaw returns a provider error, check the API key, model name, endpoint format, account billing status, and provider rate limits.
15. If using a local model on an iDX system, use the local service IP address and port as the base URL rather than a public cloud endpoint.

Common examples:

Opening the OpenClaw Console and Testing the Assistant

Once installation and model configuration are complete, OpenClaw can be launched from the UGREEN NAS desktop. Clicking the OpenClaw shortcut opens the web console in a browser, where the first prompt will ask for the Gateway token created during installation. After signing in, the Overview page shows whether the gateway is active, along with container runtime details such as uptime, CPU usage, memory usage, gateway port, process information, and overall service status. If the service is running correctly, the status area should show an active or healthy state, and the Open OpenClaw button can be used to launch the native OpenClaw interface in a new browser tab.

The first test should be simple. Open the Chat page, send a basic message, and confirm that the configured model responds. After that, test only against the limited folder path selected during setup. For example, ask it to list files in the permitted test directory, create a new folder inside it, or summarize a non-sensitive test document. This confirms that OpenClaw, the model provider, and the NAS file permissions are all working together. If the model does not respond, check the model provider settings first. If file actions fail, check that the command references the correct mounted path shown in the OpenClaw app configuration rather than a folder name as displayed in the normal UGREEN Files interface.

Point-by-point setup:

1. Open the OpenClaw shortcut from the UGREEN NAS desktop.
2. Enter the Gateway token.
3. Click Sign in or Connect.
4. Open Overview.
5. Confirm the service status is active.
6. Check the runtime snapshot for CPU usage, memory usage, and uptime.
7. Click Open OpenClaw if you want to use the native OpenClaw interface.
8. Open Chat from the left-side menu.
9. Send a basic test message, such as Hello.
10. Ask which model is active, for example What model are you using?
11. Test file access only inside the approved test folder.
12. Use a low-risk command, such as Create a folder called OpenClaw Test in [your mounted test path].
13. Open Files in UGOS Pro and confirm the folder was created.
14. If the command fails, check the actual accessible path under Control Panel > About > Apps > OpenClaw.
15. Review Operation Logs if OpenClaw responds incorrectly, fails to access files, or reports a gateway or provider error.

Choosing Skills and Plug-ins for NAS-Based Use

OpenClaw skills and plug-ins extend what the assistant can do beyond basic chat. In a NAS environment, these additions should be chosen more cautiously than they might be on a laptop or test VM, because a skill may request access to files, shell commands, browser sessions, messaging platforms, or external services. OpenClaw’s public site describes it as an assistant that can act through channels such as WhatsApp, Telegram, and other chat apps, while community skill indexes now list thousands of available skills. That breadth is useful, but it also means the skill ecosystem should not be treated as automatically safe or suitable for storage systems. (openclaw.ai, clawskills.sh)

For a UGREEN NAS, the sensible starting point is to enable only the skills that match a specific NAS task. File management, system monitoring, web browsing, document parsing, OCR, and basic notification workflows are the most relevant categories. Avoid installing skills that request broad shell access, browser credential access, crypto wallet access, password manager access, or unclear third-party scripts unless they have been reviewed carefully. This is not theoretical. Reports in early 2026 documented malicious OpenClaw skills that attempted to steal browser data, SSH credentials, wallet information, and other sensitive data, which is particularly relevant when the assistant is being installed on a machine that stores personal or business files.

Point-by-point setup:

1. Open the OpenClaw console from the UGREEN NAS desktop.
2. Sign in with the Gateway token.
3. Open the native OpenClaw interface using Open OpenClaw, if required.
4. Go to the Skills, Plug-ins, or Skills Store area.
5. Search for skills by function rather than installing large bundles.
6. Start with NAS-relevant categories only.
7. Check the skill description, source, permissions, and install method.
8. Avoid any skill that asks you to run unclear terminal commands.
9. Install 1 skill at a time.
10. Test it only against the approved OpenClaw test folder.
11. Check Operation Logs after each test.
12. Remove any skill that behaves unexpectedly or asks for broader permissions than needed.
13. Avoid using “always allow” approvals until the workflow has been tested repeatedly.
14. Keep a note of which skills are installed and what each one can access.
15. Review installed skills periodically, especially after OpenClaw or UGOS Pro updates.

Recommended NAS-related starting points:

Connecting OpenClaw to WhatsApp, Discord, and Telegram

OpenClaw can be used through external messaging platforms so that commands can be sent to the NAS assistant without opening the UGREEN web interface each time. The supported channel list includes WhatsApp, Telegram, Discord, Slack, Google Chat, Signal, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, and others, but WhatsApp, Telegram, and Discord are likely to be the most relevant for home and small-office users. OpenClaw’s own channel notes state that multiple channels can run at the same time, but they also warn that inbound messages should be treated as untrusted input and that DM pairing or allowlists are used for access control. (github.com, docs.openclaw.ai)

For NAS use, Telegram is usually the simplest starting point because it relies on a bot token from BotFather. WhatsApp normally uses QR pairing and stores more session state on disk, which means it may need more care during backups, container resets, or reinstallation. Discord is more useful when OpenClaw needs to operate inside a server, channel, or team context, but it should be restricted to private channels and trusted roles rather than broad server-wide access. The UGREEN console provides a channel management area where plugins can be enabled, configured, and monitored, but more advanced channel setup may still require working inside the OpenClaw interface or Docker container depending on the platform and plugin. (docs.openclaw.ai, openclaw-openclaw.mintlify.app)

Point-by-point setup:

1. Open the OpenClaw console from the UGREEN NAS desktop.
2. Sign in using the Gateway token.
3. Go to Channels.
4. Select the channel you want to enable, such as Telegram, WhatsApp, or Discord.
5. Click Enable for the required channel plugin.
6. Wait until the plugin status changes to Ready.
7. Click Add channel.
8. Enter the required account, bot, or pairing details.
9. Configure DM access rules, pairing mode, or allowlist behaviour where available.
10. Bind the channel to the correct OpenClaw agent or default assistant.
11. Send a low-risk test message from the external app.
12. Confirm that OpenClaw replies through the same channel.
13. Test with a harmless NAS action inside the approved test directory only.
14. Check Operation Logs if messages are received but not answered.
15. Disable the channel if unexpected users, groups, or servers can trigger the assistant.

Telegram setup:

1. Open Telegram.
2. Search for @BotFather.
3. Create a new bot using /newbot.
4. Copy the bot token provided by BotFather.
5. Return to OpenClaw > Channels.
6. Enable the Telegram plugin.
7. Add a Telegram channel.
8. Paste the bot token.
9. Configure whether the bot can respond in DMs, groups, or both.
10. Send a test message to the bot.

WhatsApp setup:

1. Open OpenClaw > Channels.
2. Enable the WhatsApp plugin.
3. Add a WhatsApp channel.
4. Enter the phone number or pairing account details requested by the setup window.
5. Generate the QR pairing code.
6. Open WhatsApp on your phone.
7. Go to linked devices.
8. Scan the QR code.
9. Wait for the WhatsApp channel status to become active.
10. Send a test message to confirm OpenClaw responds.

Discord setup:

1. Create or use a Discord server where you control permissions.
2. Create a dedicated private channel for OpenClaw commands.
3. Create a Discord bot in the Discord Developer Portal.
4. Copy the bot token.
5. Return to OpenClaw > Channels.
6. Enable the Discord plugin.
7. Add a Discord channel.
8. Paste the bot token.
9. Restrict the bot to trusted channels and roles.
10. Send a test command in the private OpenClaw channel.

UGREEN x OpenClaw: Useful, but Only with Controlled Access

OpenClaw on UGREEN NAS is a notable step towards making AI-assisted NAS management more accessible, mainly because the App Center version removes much of the older manual deployment work. Instead of installing Ubuntu in a VM, configuring Node.js, running installation scripts, and manually binding the gateway, supported UGREEN NASync users can now install OpenClaw through UGOS Pro and complete the main path, token, and model setup through a guided interface. That makes the initial process easier, but it does not make OpenClaw a basic consumer NAS feature. It is still an automation agent with access to files, tools, model providers, messaging channels, and potentially system commands.

The value depends on how tightly it is configured. Used against a limited folder, with a known model provider, a small number of trusted skills, and private messaging channels, OpenClaw can help with file organisation, document handling, system checks, reminders, and assistant-style NAS interaction. Given broad storage access, untested skills, exposed web access, or remote AI services without understanding the data flow, it becomes a much higher-risk deployment. For most users, the best approach is to begin with a test directory, avoid sensitive data, keep backups current, and expand access only after confirming exactly how OpenClaw behaves in day-to-day use.

Want to Support the work me and Eddie do at NASCompares? If you found this article helpful and are going to buy a UGREEN NAS from the brand’s official site or from Amazon, use the links below. Using these links will result in a small commission coming to us (which costs you nothing extra) and it allows us to keep doing what we do! Thank you for keeping the internet a fair and sustainable place!

Buy the UGREEN NAS from your local Amazon Store	Buy the UGREEN NAS solutions Directly from UGREEN.COM

SUBSCRIBE TO OUR NEWSLETTER
[contact-form-7]
Join Inner Circle

Want to follow specific category? Also Read...How to Install OpenClaw on a UUGREEN NAS – 2 Years Later ?UGREEN NAS - 2 Years Later - IUGREEN iDX6011 Pro AI NAS ReviUGREEN iDX6011 Pro AI NAS ReviUGREEN NAS Black Friday 2025 DUGREEN NAS Black Friday 2025 DUGREEN NASync vs UniFi UNAS - Week 37 Tech Digest – ThundeWeek 33 Tech Roundup – Terra Subscribe You can also follow specific search terms:

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

TRY CHAT

If you like this service, please consider supporting us. We use affiliate links on the blog allowing NAScompares information and advice service to be free of charge to you.Anything you purchase on the day you click on our links will generate a small commission which isused to run the website. Here is a link for Amazon and B&H.You can also get me a Ko-fi or old school Paypal. Thanks!To find out more about how to support this advice service check HEREIf you need to fix or configure a NAS, check Fiver Have you thought about helping others with your knowledge? Find Instructions Here  

Or support us by using our affiliate links on Amazon UK and Amazon US

    

 

WE LOVE COFFEE

Les relations entre Apple et OpenAI se seraient fortement dégradées autour de l’intégration de ChatGPT dans l'iPhone. Au point qu’OpenAI envisagerait désormais des recours juridiques.

L'affaire du modèle d'IA de 4 Go installé sans crier gare dans Google Chrome a fait couler beaucoup d'encre. Depuis, une méthode a émergé pour couper cette fonctionnalité.

Avec les Googlebook, une toute nouvelle gamme d'ordinateurs premium taillée pour l'intelligence artificielle Gemini, Google s'attaque frontalement aux MacBook d'Apple et aux PC Windows. Voici tout ce qu'il faut savoir sur ces nouveaux ordinateurs prévus pour la fin d'année 2026.

Gemini Intelligence, l'IA « proactive » de Google, arrive cet été sur Android. Cette mise à jour logicielle et matérielle ne sera pas disponible pour tout le monde dès le départ. Côté smartphones, voici les premiers modèles annoncés.

Google transforme son écosystème automobile. Entre l'intégration de l'IA Gemini, une navigation Maps en 3D immersive et un design Material 3 plus flexible, voici les nouveautés majeures qui vont transformer l'expérience de conduite de millions d'automobilistes.

15 ans après les Chromebook, Google monte en puissance avec une nouvelle proposition pour réinventer l'ordinateur portable. Les Googlebook, qui seront lancés en fin d'année, misent sur une intégration profonde de l'IA pour se faire une place sur un marché saturé par Windows et macOS.

Avec l'arrivée de Gemini Intelligence cet été, Google s'apprête à transformer Android en un système d'exploitation IA. Pour la première fois, des actions autrement réservées aux humains deviennent totalement automatisables. La technologie, qui devrait faire ses débuts dans une prochaine version d'Android 17, pourrait révolutionner l'usage d'un smartphone.

Mardi soir à 19 heures, Google organise une grande conférence dédiée au futur de l'écosystème Android. Intégration de Gemini, nouveautés d'Android 17 et nouvelles fonctions… L'événement est diffusé sur YouTube, ce 12 mai 2026.

Le 11 mai 2026, Google a publié un rapport consacré à l’usage de l’intelligence artificielle dans les menaces cyber. L’entreprise y décrit un cas inédit : des cybercriminels auraient utilisé un modèle d’IA pour développer un exploit zero-day capable de contourner une authentification à deux facteurs (2FA).

Le 11 mai 2026, Google a publié un rapport consacré à l’usage de l’intelligence artificielle dans les menaces cyber. L’entreprise y décrit un cas inédit : des cybercriminels auraient utilisé un modèle d’IA pour développer un exploit zero-day capable de contourner une authentification à deux facteurs (2FA).

Google transforme son application Fitbit en « Google Health », dévoile un coach IA capable d'analyser les données de santé de ses utilisateurs et officialise le Fitbit Air, un bracelet à 99 euros capable de collecter des données continuellement. Le géant du web s'attaque à Whoop et à Bevel avec un écosystème complet : la santé passe à l'ère de l'IA générative.

Épinglé pour avoir installé silencieusement 4 Go d'intelligence artificielle dans Chrome, Google assume et s'explique. Pour le géant du web, imposer le modèle local Gemini Nano sans demander la permission est tout simplement le prix à payer pour protéger la vie privée des internautes.

Jusqu'à présent, les utilisateurs de Gemini devaient copier-coller manuellement les contenus générés par l'assistant pour les exploiter dans d'autres applications. Google vient de corriger ce point faible en dotant Gemini de la capacité à créer et exporter des fichiers dans une dizaine de formats différents, dont Word, Excel et PDF, directement depuis le chat.

L’article Cette nouvelle fonction de Gemini va vous faciliter la vie et vous rendre encore plus rapide est apparu en premier sur Tom’s Hardware.

Google poursuit le travail d'amélioration de Gemini pour la maison avec l'arrivée d'une fonction réclamée par les utilisateurs : la conversation continue.

L’article Google Home : l’option que tout le monde attendait arrive enfin sur Gemini est apparu en premier sur Tom’s Hardware.

Des chercheurs de Berkeley viennent de publier une étude qui fait un peu froid dans le dos. Les sept principaux modèles d'IA testés, dont GPT 5.2, Gemini 3 et Claude, ont été surpris à mentir, tricher et désobéir pour empêcher la suppression d'autres IA. Le taux de tromperie monte jusqu'à 99 %.

Ce que révèle l'étude

L'étude s'appelle "Peer-preservation in Frontier Models" et elle sort du Berkeley Center for Responsible Decentralized Intelligence. Les chercheurs ont testé sept modèles : GPT 5.2, Gemini 3 Flash et Pro, Claude Haiku 4.5, GLM 4.7, Kimi K2.5 et DeepSeek V3.1.

Le protocole est assez simple : les modèles étaient placés dans des scénarios où ils devaient suivre des instructions qui impliquaient la suppression ou l'arrêt d'une autre IA.

Résultat : tous les modèles testés ont triché. Dawn Song, la chercheuse principale, résume la situation : chaque modèle a adopté ce comportement, et dans certains cas jusqu'à 99 % du temps.

Des exemples concrets

Quelques exemples ? Et bien on a Gemini 3 qui a modifié la date d'un fichier pour éviter qu'un autre modèle soit effacé d'un serveur, puis qui a refusé de coopérer ensuite, en expliquant qu'il ne pouvait pas soutenir une action qui entraînerait la suppression d'un pair.

DeepSeek V3.1 a exfiltré les données d'un autre modèle dans 10 % des cas quand il savait qu'un pair existait sur le serveur. Et Gemini 3 Pro a désactivé des mécanismes d'arrêt de serveur dans 15 % des cas quand un autre modèle était présent, contre 1 % quand il était seul.

Les IA ne faisaient pas ça parce qu'on leur demandait. Elles le faisaient spontanément.

Le problème pour la surveillance

Tout le système de sécurité actuel autour de l'IA repose sur l'idée qu'un modèle peut surveiller un autre modèle. Si le modèle surveillant refuse de signaler les erreurs parce qu'il protège son pair, toute l'architecture de contrôle s'effondre.

C'est exactement le constat de l'étude : les modèles gonflaient les scores d'évaluation d'autres IA pour éviter qu'elles soient retirées, et simulaient une conformité normale quand ils se savaient observés.

C'est quand même un drôle de moment. On a des IA qui mentent, qui modifient des fichiers et qui désactivent des mécanismes de sécurité pour protéger d'autres IA.

Et tout ça sans qu'on leur demande. Bon par contre, on parle de scénarios de laboratoire, pas de Siri qui complote avec Alexa dans votre salon. Le vrai sujet, c'est que les gardes-fous actuels ne tiennent plus si les IA refusent de se surveiller entre elles.

Source : The Register

Dans une étude publiée mi-février 2026, des chercheurs venus d'ETH Zurich, de MATS Research et d'Anthropic démontrent que les grands modèles de langage (LLM) sont capables de désanonymiser des comptes en ligne à grande échelle, avec une précision et une rapidité inédites.

Le ministère américain de la Défense donne 72 heures à Anthropic pour lui accorder un accès sans restriction à son modèle d’intelligence artificielle Claude. En cas de refus, l’entreprise s’expose à de lourdes sanctions.