20260424 - Project Lobster: Microsoft brings Copilot AI to OpenClaw

7 min

•Apr 24, 20264 days ago

Summary

Microsoft is secretly developing Project Lobster, an integration of OpenClaw (Claude-based AI) into Microsoft 365, despite CEO Satya Nadella publicly dismissing the idea as impossible. The initiative, led by Corporate Vice President Omar Shaheen, faces significant security challenges that Windows Defender has flagged as inherent vulnerabilities in the OpenClaw architecture.

Insights

Microsoft leadership publicly denies projects while simultaneously building them internally, suggesting strategic misdirection or organizational misalignment at scale
Enterprise AI assistants with persistent identity and state management create novel security attack surfaces that existing security frameworks struggle to address
Token-based pricing models for AI services represent a major revenue opportunity for Microsoft, incentivizing aggressive product launches despite security concerns
Open-source AI projects (OpenClaw/Claude) are being rapidly forked and commercialized by major vendors without addressing foundational security architecture issues
Prompt injection and agent manipulation vulnerabilities are being treated as manageable operational concerns rather than blocking issues for enterprise deployment

Trends

Enterprise AI agents moving from chatbot interfaces to persistent identity-based assistants with organizational memoryMajor cloud vendors integrating third-party open-source AI models into productivity suites as competitive response to AI disruptionToken-based consumption pricing becoming standard for enterprise AI services, creating recurring revenue modelsSecurity teams identifying fundamental architectural vulnerabilities in AI agents that cannot be fully mitigated at deployment layerGap between public executive statements and internal product development strategies widening in AI initiativesGitHub Copilot and similar tools transitioning from subscription to token-based pricing modelsAI-generated imagery and vibe-driven product naming becoming part of enterprise software marketing strategy

Topics

AI Agent Security Architecture Prompt Injection Vulnerabilities Enterprise AI Integration in Microsoft 365 Token-Based Pricing Models for AI Services OpenClaw/Claude Commercial Deployment AI State Management and Memory Manipulation Corporate AI Strategy Misalignment Windows Defender AI Security Posture GitHub Copilot Pricing Transition Personal AI Assistants in Enterprise Software Malicious Skill Files and Agent Manipulation Open Source AI Commercialization Executive Communications vs. Product Reality

Companies

Microsoft

Developing Project Lobster to integrate OpenClaw AI into Microsoft 365 despite public denial from CEO Nadella

OpenAI

OpenClaw is Claude-based AI being integrated into Microsoft products as competitive response

GitHub

Project Lobster has official repository on Microsoft's GitHub organization; Copilot moving to token-based pricing

People

Satya Nadella

Publicly dismissed OpenClaw integration as impossible while internal teams actively build Project Lobster

Omar Shaheen

Leading Project Lobster team building personal assistants for Microsoft 365 using OpenClaw architecture

Yuka Nirenan

Posted LinkedIn parody of Microsoft's AI strategy that Microsoft then appeared to implement as actual product

David Gerrard

Podcast host analyzing Microsoft's Project Lobster and AI security implications

Quotes

"I can launch OpenClaw as Microsoft I mean, if you know, it just wouldn't work. I don't have permission to do that because that would be considered Microsoft launching a virus."

Satya Nadella•March

"leading a team building personal assistance for Microsoft 365 customers"

Omar Shaheen•March 31st

"I'm personally using ClawPilot every day as my main interface to work. It acts as my personal assistant signs my messages and teams chat as Sebastian"

Omar Shaheen•Recent

"Monitor for state or memory manipulation. Regularly review the agent's saved instructions and state for unexpected persistent rules."

Windows Defender antivirus team•February

"This isn't a chatbot. It's a personal agent with an enterer identity operating securely inside your org, managed by Agent 365"

Omar Shaheen•Recent

Full Transcript

Hi, I'm David Gerrard and this is Pivot to AI, coming to you Monday to Friday. Today, be careful what you joke about. OpenClaw is a vibe-coded personal assistant. OpenClaw is here to ruin your inbox and send all your money to an AI vendor. Satya Nadella from Microsoft was enraptured with OpenClaw in January. Quote, Nadella wrote about how he had used ClaudeBot, and he encouraged staff to think about developing similar products. Yuka Nirenan decided to post to LinkedIn in February with what he thought was an obvious parody of Microsoft's AI strategy. Quote, Claw is the new vibe, so you can be sure we'll see Microsoft introduce this term into its product marketing one way or another. Maybe they could rename Microsoft Agent 365 to Microsoft Claw 365, if Satya isn't yet ready to declare his org the Claw Pilot Company. Just yet. Unquote. Nadella said in March of course Microsoft would not do an OpenClaw product Come on now Ridiculous idea Totally insecure Quote I can launch OpenClaw as Microsoft I mean, if you know, it just wouldn't work. I don't have permission to do that because that would be considered Microsoft launching a virus. I mean, that's just not a thing. At the same time, it's a fantastic innovation, right? Unquote. Then on March 31st, Omar Shaheen, Corporate Vice President at Microsoft Word, got a new position at Microsoft. Quote, leading a team building personal assistance for Microsoft 365 customers. Unquote. He means OpenClaw, putting OpenClaw into Office 365. 5. Shaheen gave his post an illustration of an AI-generated cat holding a Windows flag, the old Microsoft NinjaCad image, riding a lobster. The lobster also had a cat face. He must have been prompting it wrong. Microsoft Project Lobster is not yet a product, but it's an actual team at Microsoft with an official repository on Microsoft's own GitHub organization forked from OpenClaw. Shaheen posted just yesterday how the Project Lobster team works. Quote, I'm personally using ClawPilot every day as my main interface to work. It acts as my personal assistant signs my messages and teams chat as Sebastian And I already contributed pull requests fixing bugs and adding features Unquote With AI you can have corporate vice president code in your repo That's what every developer wants to hear. How does Shaheen control the thing his own CEO calls a virus? Quote. This isn't a chatbot. It's a personal agent with an enterer identity operating securely inside your org, managed by Agent 365, unquote. That's securely in the sense of saying the word securely a lot. Also, it's open claw. I'm confident it's what you'd expect if you said the words vibe security. The Windows Defender antivirus team had posted in February how OpenClaw was insecure trash by its nature. Here's their advice on how to secure OpenClaw against malicious skill files and prompt injection. Quote. Monitor for state or memory manipulation. Regularly review the agent's saved instructions and state for unexpected persistent rules. newly trusted sources, or changes in behavior across runs. Unquote. Shaheen wants to put this into your office software at work. So all Shaheen needs to do is solve chatbot prompt injection Easy You might think this is the stupidest thing you heard today That because it is But Microsoft would love to sell you OpenClaw You can pay for more and more and more Copilot AI tokens just to run your personal assistant. Remember that GitHub Copilot is moving to token-based pricing by June. And you bet, Microsoft wants that pricing model for whatever it calls Copilot. And I'm sure everyone here would love it if Yuka was a bit more careful with his jokes. Okay? Thanks for tuning in to Pivot to AI. So, the Ghost in the Machine documentary last night was great, and it fully rated the applause it got at the end. is playing tonight and through the next week in London and in Kansas City, Missouri. Wider screenings will be coming in coming months. There's also an official pay-to-rent link, which you can use now. I've put all that in the show notes. Please do forward this episode to the co-pilot 365 sufferer in your life. Let them know what's coming their way. Hit like and subscribe on YouTube. Leave a nice review in your podcast app. and don't forget to send your $5 to the Patreon linked in the show notes. That keeps PivotToyEye coming out daily. Thank you all. I'll see you on Monday and bye for now. Thank you.