The Definitive Guide
Ten chapters covering architecture, setup, skills, prompting, planning, optimization, proactive automation, sub-agents, real-world use cases, and security. Whether you just set up your first instance or you have been running one for months, this openclaw book is the complete reference for getting the most out of the platform.
Real tactics, real results. No fluff, no spam. Unsubscribe anytime.
Chapter 1
OpenClaw is not a chatbot. It is an autonomous AI agent platform that runs on hardware you control. Understanding the architecture is the first step to using it well, and the core loop is surprisingly simple once you see it clearly.
Every interaction follows the same cycle: you send a message through a channel like Telegram, WhatsApp, Discord, or any supported platform. That message hits the Gateway, which is a process running 24/7 on your server. The Gateway takes your message and sends it to a large language model along with your agent's full context: its personality, its knowledge about you, its memories, and its operating instructions. The model processes everything and responds, sometimes with a direct reply and sometimes with a tool call.
Tool calls are where things get interesting. If the model decides it needs to take action, it can read or write files, execute shell commands, browse the web, send messages on your behalf, interact with APIs, or schedule future tasks. After executing a tool call, the result goes back to the model, which decides what to do next. This loop can repeat as many times as needed. The model might read a file, search the web, write code, test it, fix a bug, and then respond to you, all in a single interaction.
To put this in practical terms: you message your agent "draft an email to the client about the project delay." The model reads your recent conversation history and your relationship with that client from memory files, checks the project build log to understand the actual status, drafts an email in your voice, and sends you the draft for approval. If you say "send it," the agent opens your Gmail integration and sends the email directly. One message from you triggered reading, writing, reasoning, and execution. That is the core loop in action.
The Gateway itself is lightweight. It does not do the thinking. It routes messages between you and the LLM, manages tool execution, handles scheduling, and maintains the connection to your messaging platforms. Think of it as the nervous system connecting your brain (the LLM) to your hands (the tools). It runs 24/7 with minimal resource usage, typically consuming less than 500MB of RAM even under heavy load.
The key insight is that OpenClaw is not running on someone else's cloud. The Gateway runs on YOUR server, whether that is a VPS you rent for $15 a month or a Mac Mini sitting on your desk. Your data stays on your machine. Your conversations, your files, your memories, your business data. None of it passes through a third-party service beyond the LLM API call itself. This matters for privacy, for compliance, and for the simple peace of mind that comes from knowing exactly where your data lives.
Every OpenClaw agent has a set of files that define who it is, what it knows, and how it operates. Think of these as the agent's brain. Change the files, change the AI. This is not a metaphor. These files load into every conversation, shaping every response, every decision, every action the agent takes. Understanding them is understanding your agent.
This is your agent's personality. Its tone, its communication style, its boundaries, its values. If you want your agent to be formal and professional, you write that into SOUL.md. If you want it to be casual and funny, you write that instead. The SOUL file shapes every single response the agent produces.
Some users create agents that are direct and no-nonsense. Others build agents with distinctive personalities, complete with sarcasm, humor, or a particular communication cadence that feels like a colleague rather than a tool. One user configured an agent with a "relentlessly honest" personality that pushes back on bad ideas instead of agreeing with everything. Another built an agent with a warm, encouraging tone designed for client-facing interactions. The choice is yours, and you can change it at any time. The agent becomes whatever you write in SOUL.md, immediately.
This file is about you. Your name, your business, your goals, your preferences. The more context your agent has about who you are and what you are trying to accomplish, the better its output becomes. A good USER.md includes your role, the kind of work you do, your communication preferences, time zone, and any context that helps the agent make better decisions without asking you for clarification every time.
Long-term memory that persists across sessions. Your agent wakes up fresh every time, with no inherent memory of previous conversations, but MEMORY.md gives it continuity. Decisions you have made, lessons learned, ongoing projects, important context, client details, and anything else worth remembering long-term.
Think of it like a human's long-term memory distilled into a file. The agent reads this every session and uses it to maintain context about your relationship, your business, and your preferences over time. Without MEMORY.md, every conversation would start from zero. With it, your agent remembers that you prefer bullet points over paragraphs, that your biggest client is named Sarah, that you tried a particular marketing strategy last month and it did not work, and that you have a board meeting every second Tuesday.
The common mistake with MEMORY.md is letting it become a diary. More on that in Chapter 6, but the key point here is that MEMORY.md should be curated, not chronological. It is a reference document, not a journal.
Operating instructions. This is the rulebook for how the agent behaves: how it handles files, when it should ask permission versus act independently, how it manages memory, what it does during idle time, and how it operates in group chats. AGENTS.md is the single most important file for shaping your agent's behavior beyond its personality.
A well-written AGENTS.md covers safety boundaries (what the agent should never do without asking), file conventions (where to save things, how to name files), communication rules (how to behave in group chats versus direct messages), memory management (when to write to daily files versus MEMORY.md), and proactive behavior rules (what to do during heartbeats, when to reach out). Most users start with a template and refine it over weeks as they discover what their agent needs to know.
Local configuration notes. Account names, IP addresses, camera names, SSH hosts, voice preferences. This is NOT where instructions go. It is a quick-reference sheet of environment-specific details that help the agent do its job without asking you for information it should already have.
A periodic checklist. When the agent wakes up on its heartbeat cycle (more on this in Chapter 7), it reads HEARTBEAT.md and follows the checklist. Check email. Review calendar. Monitor leads. Whatever you need it to do proactively, you put it here.
The distinction between OpenClaw and every other AI tool on the market comes down to three things: ownership, memory, and accumulation.
Ownership. Your agent runs on your hardware. No vendor lock-in. No monthly SaaS fee for the platform itself (you pay for the LLM API, not the agent framework). No dependency on a company staying in business or maintaining servers. If the OpenClaw project disappeared tomorrow, your agent would keep running on your machine with your data intact. Compare that to any SaaS AI tool where the company shutting down means losing everything. Ownership also means control. You decide what your agent can access, what it stores, what it deletes, and who can talk to it. Nobody else makes those decisions for you.
Memory. ChatGPT forgets you between sessions. Claude.ai has limited memory. OpenClaw remembers everything you tell it to remember, because memory is just files on disk. There is no context window limit for stored knowledge. The agent can maintain detailed records of every project, every decision, every client interaction, indefinitely. Three months of client notes, project plans, meeting summaries, and business intelligence, all accessible instantly. The agent does not just remember facts. It remembers your preferences, your patterns, your communication style, and the entire history of your working relationship.
Accumulation. This is the most powerful concept and the one that separates OpenClaw from everything else. Every time your agent builds something useful, it can save that work as a skill. Skills are reusable instruction sets that make the agent better at specific tasks. Over time, your agent accumulates capabilities. It starts as a general-purpose assistant and gradually becomes a specialist in everything your business needs.
Consider the trajectory: in week one, your agent writes decent emails. By week four, it has a refined email skill that matches your tone perfectly. By month three, it has skills for email, content writing, SEO audits, client onboarding, proposal drafting, and lead research, all customized to your specific standards through repeated feedback. Six months in, your agent has dozens of refined skills, deep memory of your preferences, and the ability to handle complex workflows that would take a new user weeks to set up. That accumulated capability compounds daily. It is an asset that grows more valuable with every interaction, and it is something no other AI tool offers.
This is not a chatbot you rent. It is infrastructure you own. And it gets better every single day you use it.
Chapter 2
You have two main options for running OpenClaw, and the right choice depends on your situation, your budget, and how much infrastructure management you want to deal with.
VPS (Virtual Private Server) is the recommended path for most users. A Hetzner CX43 gives you 8 vCPU cores, 16GB of RAM, and 160GB of storage for roughly $15 per month. That is more than enough to run OpenClaw with multiple sub-agents, browser automation, SearXNG for web search, and all the tools you will ever need. The VPS is always on, always connected, and accessible from anywhere in the world. No worrying about your home internet going down, your machine going to sleep, or power outages killing your agent mid-task.
Hetzner is the most popular choice in the community because of the price-to-performance ratio, but DigitalOcean, Linode, Vultr, and AWS Lightsail all work. The key specs to look for: at least 4 vCPUs, at least 8GB RAM (16GB preferred), and 80GB+ storage. Anything meeting those specs will run OpenClaw comfortably.
Mac Mini is the alternative for users who want everything local. No monthly cost beyond electricity. Better for situations where data sensitivity is extreme, where regulatory compliance requires on-premise hosting, or where you want the agent to interact with macOS-specific tools like Xcode, Shortcuts, or native applications. The M-series chips are powerful enough to run OpenClaw, SearXNG, and a full development environment simultaneously.
The trade-off is that you need to manage uptime yourself, deal with local networking (port forwarding or Tailscale for remote access), handle your own backups, and accept that your agent goes offline if your machine restarts or your internet drops. For businesses where 24/7 uptime matters, this trade-off usually pushes people toward a VPS.
For most people reading this openclaw book, the VPS is the better starting point. It is cheaper than a Mac Mini, simpler to set up, more reliable, and easier to secure. You can always move to a Mac Mini later if your needs change, and the migration is straightforward since your agent's entire identity is just files that you can copy.
Here is where OpenClaw setup gets genuinely surprising. You do not need to know Linux. You do not need DevOps experience. You do not even need to understand what SSH is. The setup process uses Claude Code (Anthropic's CLI tool) to install everything automatically.
The steps are straightforward:
Install Claude Code
npm install -g @anthropic-ai/claude-code
After installing, type claude in your terminal to open it up. You will also need your setup token. To get it, open a new terminal window and run:
Get your setup token
claude setup-token
This gives you the token that connects Claude Code to your Claude subscription. You will need this during the OpenClaw installation process.
That is it. AI installing AI. Zero DevOps knowledge required. You do not need to know what nginx is, how to configure a systemd service, or what a reverse proxy does. Claude Code handles all of it: installing Node.js, setting up the gateway process, configuring the messaging bot, creating the workspace directory structure, and starting the agent. The entire process takes about 15 minutes, and you end your first session with a working AI agent responding to your messages in real time.
A word of caution: letting an AI install software on your server is not the most secure way to do things. You are giving Claude Code root access to your machine and trusting it to configure everything correctly. For most people, the convenience massively outweighs the risk, and it is by far the easiest way to get started. But it is worth knowing the trade-off. The good news is that once your agent is up and running, Chapter 10 of this book covers a tonne of security hardening steps you can take to lock everything down: firewall rules, SSH hardening, Tailscale for private networking, file permissions, and more. The way you set it up does not have to be the way it stays.
If something goes wrong during setup (and occasionally it does, usually a firewall rule or a typo in a token), Claude Code diagnoses the issue and fixes it. You are not troubleshooting. You are watching your AI install itself.
A freshly installed OpenClaw can chat with you, read and write files, execute commands, and browse the web. That alone is useful, but the real power comes when you connect it to the tools you already use every day.
First things first: create a dedicated Gmail account for your OpenClaw. Do not use your personal Gmail. Your agent needs its own identity. Create a new Google account (something like yourname-openclaw@gmail.com) and use that account to sign up for every service your agent will touch: Google Cloud, GitHub, Vercel, API providers, everything. This keeps your personal accounts clean, makes permissions easy to manage, and means you can revoke all agent access in one place if you ever need to. Think of it as giving your new employee their own company email on day one.
Groq Whisper should be your first connection. It gives your agent the ability to understand voice messages using Whisper transcription, and it is completely free. Sign up for a Groq API key at groq.com, then just give the key to your OpenClaw and tell it to set up Whisper transcription. Tell it to store the key securely in your .env file rather than hardcoding it anywhere. Your agent will handle the rest. Once connected, you can send voice notes to your agent instead of typing, which changes the dynamic entirely. Walking down the street and remembering a task? Voice note to your agent. In a meeting and need to capture an action item? Voice note. Driving? Voice note. The barrier between you and your agent drops to zero.
SearXNG is a self-hosted search engine that gives your agent web search capabilities without rate limits or API costs. It runs on the same server as your agent and processes hundreds of searches per day at zero cost. Without SearXNG, your agent is limited to its training data. With SearXNG, it can look up current information, verify facts, research competitors, check prices, and find resources in real time. This is a non-negotiable integration for any serious setup. To set it up, just tell your OpenClaw: "Install SearXNG on this server using Docker and configure yourself to use it for web search." It will pull the Docker image, set up the container, and wire itself to use it automatically.
Google Workspace integration connects Gmail, Google Calendar, and Google Drive. This is the biggest unlock for most business users and the integration that typically produces the most immediate ROI. Your agent can read incoming emails and draft responses, check your schedule and prep for meetings, create and modify calendar events, organize files in Drive, and build automated workflows around all three services. Setting up Google Workspace requires creating a Google Cloud project and configuring OAuth credentials. Here is the best part: your agent can do most of it for you. Tell your OpenClaw: "Set up Google Workspace integration using my dedicated Gmail account." It will walk you through creating the Cloud project, enable the APIs, configure OAuth, and connect everything. You just approve the consent screen when prompted and paste in the authorization code. Store all credentials in your .env file.
GitHub and Vercel let your agent deploy websites and tools. It can write code, push to a repository, trigger a build, and have a live production site deployed in minutes. This becomes critical later when we discuss sub-agents and content automation. Create free accounts on both platforms using your agent's dedicated email, then tell your OpenClaw: "Set up GitHub CLI and Vercel CLI so you can deploy projects." It will install the CLIs, authenticate them, and you are ready to ship. Free Vercel accounts are sufficient for most deployments, meaning your agent can create and maintain websites at zero hosting cost.
The order matters. Set up Groq Whisper first (fastest, most immediately useful), then SearXNG (unlocks research), then Google Workspace (unlocks business automation), then GitHub/Vercel (unlocks building). Each connection multiplies the value of the ones before it.
OpenClaw itself is free and open source. The cost comes from the AI model that powers it. I recommend using a Claude subscription from Anthropic, which is what OpenClaw is built on and what most of the community uses. You will need to generate a Claude Code setup token from your Anthropic subscription to connect your usage. This token is what allows your OpenClaw instance to pull from your subscription quota instead of paying per-API-call.
Upgrades are prorated. Start at $100 and move up if you find yourself hitting limits. The ROI becomes obvious quickly once your agent starts handling real work.
Your agent is running. Your tools are connected. Now comes the most important part of the entire setup, and the step most people rush through: teaching your agent who you are.
The quality of your onboarding directly determines the quality of every interaction that follows. An agent that knows your business inside out produces relevant, useful output on the first try. An agent with shallow context guesses, asks clarifying questions, and produces generic results that need heavy editing.
The best onboarding method is a deep-dive interview. Tell your agent about yourself and let it ask follow-up questions. Cover your business (what you do, who you serve, your revenue model), your goals (short-term and long-term), your working style (when you work, how you communicate, your preferences), your clients (who they are, what they need, how you serve them), your daily routine (what takes the most time, what you enjoy, what you avoid), and your tools (what you use, what you wish worked better).
Expect the interview to take 20 to 30 minutes. That is 30 minutes invested once that pays dividends in every interaction for months. The agent will update USER.md with everything it learns, creating a comprehensive profile that informs every future response.
If you have been using ChatGPT, export your conversation history and feed it to your agent. It will analyze months of your conversations and extract patterns about how you think, what you care about, and what you ask for most often. This is surprisingly effective. Your ChatGPT history reveals your communication style, your recurring problems, and the types of tasks you most commonly need help with.
Then brainstorm. Ask your agent what it can do for you based on everything it now knows. You will be surprised at the suggestions. It sees your full setup, your tools, your business context, and it can identify automation opportunities you would never think of on your own. One user discovered through this brainstorm that their agent could automate their entire invoicing process, something they had been doing manually for years without thinking of it as automatable.
The onboarding workflow that works best follows a pattern you will use for everything: explain your situation, let the agent flesh out the best approach, agree on what to do, then execute. This collaborative planning pattern applies to initial setup, daily tasks, and complex projects months down the road. It is the foundation of effective human-AI collaboration.
Onboarding Prompt
I just set up OpenClaw and I want you to learn about me and my business.
Ask me questions one at a time to build a comprehensive understanding of:
- Who I am and what my business does
- My daily workflow and biggest time sinks
- What tools and platforms I use
- My short-term and long-term goals
- What I wish I could automate
After the interview, update USER.md with everything you learned
and suggest 5 specific ways you can help me starting today.
Book a 1-on-1 strategy call and get your OpenClaw set up, optimized, and working for your specific business.
BOOK A STRATEGY CALL →Copy-paste prompts, real configs, and step-by-step walkthroughs from people actually running OpenClaw. Easier to digest than the full book.
BROWSE THE LESSONS →Chapter 3
Skills are reusable instruction sets that load only when needed. They live in a skills/ folder, each with its own SKILL.md file that tells the agent what the skill does, when to use it, and how to execute it. A skill can also include scripts, templates, configuration files, and any other assets it needs.
The concept solves a fundamental problem that every OpenClaw user eventually hits. If you put every instruction into your brain files (AGENTS.md, SOUL.md, etc.), those files bloat quickly. Every message loads ALL brain files into context, so bloated files mean slower, dumber, more expensive responses. An agent with 70KB of context files is paying a token tax on every single interaction for instructions that are irrelevant 95% of the time. Skills fix this by keeping specialized instructions out of the main context until the agent actually needs them.
Think of it this way: your brain files are general operating instructions that apply to every interaction. Skills are specialist knowledge that only matters for specific tasks. A skill for writing blog posts does not need to load when the agent is checking your email. A skill for deploying websites does not need to load when the agent is drafting a sales proposal. A skill for SEO auditing does not need to load when the agent is managing your calendar. By keeping these instructions in skills rather than brain files, every interaction is faster, cheaper, and more focused.
The file structure is simple. Each skill gets its own directory under skills/:
Method 1: From scratch. Describe what you want and let the agent build it. "Create a skill that writes LinkedIn posts in my voice, with a hook, three value points, and a call to action." The agent creates the SKILL.md, tests it, and refines it based on your feedback. This method works best when you have a clear vision of what the skill should do but have not done the task manually yet. You are designing the process from a blank slate.
Method 2: From a completed task. This is the easiest and most powerful method, and the one most experienced users rely on. After the agent does something well, tell it: "Turn what you just did into a skill." The agent extracts the process, the prompts, the decision logic, the output format, and packages it all into a reusable skill. Next time you need the same kind of work, the agent follows the skill instead of starting from scratch. It does the same work in half the time with better results because the skill encodes everything that worked the first time.
The beauty of this method is that you are not designing a skill abstractly. You are capturing a proven process. The agent just did something well, so the skill reflects reality, not theory.
Method 3: Explain and refine. Walk the agent through a process step by step. "Here is how I want you to handle client onboarding: first, review the intake form. Then create a project folder in Drive. Then draft a welcome email using the premium template. Then create a Notion page with the project timeline. Then schedule the kickoff call." The agent listens, asks clarifying questions about edge cases and preferences, and turns your explanation into a structured skill with clear steps, decision trees, and templates.
This method works best for processes you already do well manually and want to hand off to the agent. You are teaching, not designing. The agent becomes your apprentice, learning your exact workflow and packaging it for autonomous execution.
Turn a Completed Task into a Skill
That was great. Turn what you just did into a reusable skill.
Include every step, the decision logic you used, and any templates.
Save it to skills/ with a clear SKILL.md so you can repeat
this exact process whenever I ask.
Skills get better over time, but only if you give feedback. This is the compounding mechanism that makes OpenClaw fundamentally different from other AI tools, and it is the single most important habit to develop as an OpenClaw user.
The cycle works like this: you use a skill, the output is not perfect, you give specific feedback, the agent updates the skill, and next time the output is better. Every edit is permanent. Every refinement compounds. After five or six rounds of feedback, a skill that started producing decent output is now producing excellent output, tailored exactly to your standards.
To illustrate: your email writing skill produces an email that is technically fine but too formal for this particular client. You say: "Too formal for casual clients. Add a rule: if the client relationship is marked as casual in the CRM, use a friendly tone with first names and shorter sentences. Update the skill." The agent modifies the SKILL.md to include this logic. From now on, every email to casual clients automatically gets the right tone. You never give that feedback again.
Now multiply that across dozens of small refinements over weeks. The skill accumulates your judgment, your preferences, your taste. After two months of feedback, the email skill knows your voice better than a new hire would after six months of training. That is the compounding effect in action.
The critical detail most users miss: always tell the agent to update the skill itself. Saying "that email was too long" gives the agent a one-time correction. It adjusts this response but forgets by next session. Saying "that email was too long, update the skill so all future emails are under 150 words" gives the agent a permanent correction that applies to every future use of that skill. The difference is enormous over time. One approach gives you incremental help. The other builds a permanently improving system.
Feedback Prompt
Good output, but two changes needed:
1. [Specific feedback about what to change]
2. [Specific feedback about what to change]
Update the skill with these changes so all future runs
follow these new guidelines automatically.
The OpenClaw community has built hundreds of skills. Here are the most impactful ones:
Warning: Always vet third-party skills before installing. Cisco's security team found malware in 37 popular skills on the community hub. A skill has the same access as your agent, which means it has access to your files, your shell, your messages, and everything connected. Read the SKILL.md yourself before installing anything. Use the Cisco Skill Scanner if available. Trust but verify.
Connect with other OpenClaw users, get help, share what you've built.
BROWSE THE LESSONS →Want this set up for your business? Let's talk about what's possible.
BOOK A STRATEGY CALL →Chapter 4
Most people get disappointing results from AI because they skip straight to execution. They type "build me a landing page" and are surprised when the output is generic, unfocused, and wrong in a dozen small ways. Then they blame the AI. The fix is not better prompts, a fancier model, or more expensive tokens. It is better process.
The workflow that consistently produces excellent results follows four steps: explain your idea, let the agent ask clarifying questions, agree on the approach together, then execute. This simple change transforms your results because the agent is not guessing what you want. It knows. You told it. And more importantly, you reviewed its understanding before it started working. If its plan is wrong, you catch it before any effort is wasted.
Think about how you would work with a new employee. You would not say "build me a landing page" and walk away. You would describe the product, the audience, the tone, the goal, the design preferences, the competitive landscape, and the conversion objective. You would answer their questions. Then you would review their plan before they started building. If the plan was wrong, you would correct it before they spent eight hours going the wrong direction.
The same principle applies to your AI agent. It is smart, but it is not psychic. It does not know which of the hundred possible interpretations of "build me a landing page" you have in your head. The five minutes you spend fleshing out the approach saves hours of revision and frustration. This is not about writing longer prompts. It is about creating a conversation where the agent builds understanding before it builds anything else.
The investment scales with complexity. For a simple email, a one-sentence prompt is fine because the agent has your email skill and your communication preferences. For a landing page, spend five minutes on the brief. For a multi-week project, spend an hour on planning (see Chapter 5). The rule of thumb: if the task will take the agent more than ten minutes to execute, spend at least two minutes defining it.
The "Flesh Out First" Prompt
I want to [describe the goal]. Before you start building anything,
let's flesh out the approach together.
Ask me clarifying questions about:
- The audience and purpose
- Any constraints or preferences I have
- What success looks like
Then propose a plan. I'll review it before you execute.
Meta prompting is the practice of getting your agent to write its own prompts. Instead of crafting the perfect prompt yourself, you describe what you want to accomplish and let the agent generate the prompt that will produce the best result. This works because LLMs understand their own capabilities and constraints better than you do. They know what instructions produce sharp output and what phrasing leads to vague, generic responses.
The simplest form: tell your agent what you need, then ask it to write the prompt that would get the best version of that output. Review the prompt, tweak if needed, then feed it back. You are using the AI to prompt the AI. The result is almost always better than what you would have written yourself, because the agent optimizes for how it actually processes instructions rather than how you think it processes them.
This gets powerful when you chain it. Ask the agent to write a prompt, run that prompt, evaluate the output, then refine the prompt based on what worked and what did not. After two or three rounds, you have a battle-tested prompt that consistently produces excellent results. Save that prompt in a skill, and you never have to think about it again.
Meta prompting is especially useful for tasks you do not know how to prompt well. Writing ad copy, generating technical documentation, creating email sequences, building outreach templates. Instead of Googling "best ChatGPT prompt for X," ask your agent to design the prompt. It has full context on your business, your voice, your goals. The prompt it writes will be tailored to your specific situation, not some generic template from a prompt library.
Basic Meta Prompt
I need to write a cold outreach email to SaaS founders
who might need AI automation.
Write the best possible prompt that would produce
a high-converting outreach email. Include instructions
about tone, length, personalization, and CTA.
Then run that prompt yourself and show me the result.
Iterative Meta Prompt
Here's my current prompt for writing LinkedIn posts:
[paste your prompt]
Rewrite this prompt to get better results. Make it more
specific, add constraints that improve quality, and include
examples of what good output looks like.
Then test your new version and show me the difference.
Skill-Building Meta Prompt
I want a skill that drafts weekly client reports.
Design the complete prompt/instruction set for this skill.
Think about: what context it needs, what format works best,
what makes a report actually useful vs generic.
Write the SKILL.md yourself. Make it something that
produces great output every time without my input.
Run these meta prompts monthly. Your agent sees your entire setup and has ideas you would never think of. The Business Boost Audit alone has generated actionable revenue ideas for every single client who has tried it.
There is a massive difference between bad feedback and good feedback, and the difference determines whether your agent improves or stays stuck at the same level.
"The email was too long."
"Make it better."
"That's not what I wanted."
"Under 100 words. Second paragraph felt salesy. Value hint should be one sentence max."
"Update the skill with this feedback."
Bad feedback is vague and temporary. The agent adjusts for this one response but forgets by next session. Good feedback is specific and permanent when you tell the agent to update the skill. The difference compounds over weeks and months. An agent that gets good feedback for six months is an order of magnitude better than one that gets bad feedback for the same period.
Be specific about what to change. Be explicit about updating the skill. And be consistent. Every piece of feedback is an investment in your agent's long-term capability.
Here are the most useful prompts from the OpenClaw ecosystem, ready to copy and use:
Brainstorm Use Cases
Based on everything you know about me, my business,
my tools, and my current setup, brainstorm 15 specific
things you could do for me that I haven't asked for yet.
Focus on things that save time, make money, or reduce
friction. Be specific, not generic.
Skill Creation Prompt
Create a new skill for [task description].
The skill should:
- [Specific requirement 1]
- [Specific requirement 2]
- [Specific requirement 3]
Include clear instructions in SKILL.md, any templates
needed, and example inputs/outputs. Save to skills/
and test it with a sample run.
Context File Audit
Audit all of your context files right now.
Check AGENTS.md, SOUL.md, USER.md, TOOLS.md,
MEMORY.md, and HEARTBEAT.md.
For each file, report:
- Current size (lines and approximate tokens)
- Content that should be moved to a skill
- Content that is outdated and should be deleted
- Content that is verbose and should be compressed
Then make the changes. Show me before/after sizes.
Chapter 5
Most failed projects fail because they started building too fast. This is true in software development, true in business, and especially true with AI agents. The temptation is strong: your agent can build things quickly, so why not just start? Because speed without direction produces waste, not results.
Any project that involves more than three steps or will take more than two hours needs a plan document first. Not a conversation. Not a "mental note." A real document that the agent (and you) can reference throughout the build. The plan IS the work. Building is just execution of a plan that already exists.
The workflow is straightforward: explain the project to your agent, let it flesh out the best approach, agree on scope and approach together, then create a plan document.
A good plan document covers the problem you are solving, the scope of the solution (what is in and what is out), the solution approach, potential risks, success criteria, and a step-by-step task breakdown. Each task should be small enough to complete in a single session.
Project Planning Prompt
I want to build [project description].
Before we start, create a plan document. Cover:
- Problem we're solving
- Scope (what's in, what's out)
- Solution approach
- Risks and how to mitigate them
- Success criteria
- Step-by-step task list
Save the plan to a file you can reference while building.
Don't start building until I approve the plan.
This is one of the most important practices in the entire openclaw book, and almost nobody does it until they lose hours of work to a crashed session.
Before building ANYTHING complex, create a build log file: memory/build-project-name.md. Log every step as it happens: what was done, what worked, what broke, what is next. This file is your insurance policy against sessions that crash, time out, or run into rate limits.
If a session crashes mid-build, the next session reads the build log and picks up exactly where the last one left off. No lost context. No repeated work. No starting over.
When using sub-agents (Chapter 8), the build log becomes the source of truth. Every sub-agent reads it before starting and updates it after every step. The main agent checks the log to monitor progress. Conversation history is ephemeral. The build log is permanent.
The rule is simple: if it is not written down, it did not happen. Text beats memory every single time.
Build Log Prompt
Before we start building, create a build log at
memory/build-[project-name].md
Log format:
- Project name and goal
- Plan reference
- Step-by-step progress (update after each step)
- What worked, what broke, what to try next
- Current status and next action
Read this file first at the start of every session.
Update it after every significant step.
When a project is large enough to involve sub-agents (specialist AI workers, covered in Chapter 8), the planning layer becomes even more critical. The key rule: one feature per spawn. Never tell a sub-agent to "build the whole thing." Break the project into discrete tasks and assign one task per sub-agent session.
Each sub-agent's task should include a clear instruction to read the build log first and update it after every step. The main agent monitors progress by checking the build log, not by reading conversation transcripts. If a sub-agent is stuck for more than ten minutes with no progress in the build log, the main agent intervenes.
This approach scales remarkably well. Projects that would take a single agent days to complete can be broken into parallel sub-agent tasks and finished in hours. But only if the planning and logging discipline is solid. Without a build log, sub-agents work in isolation, duplicate effort, and produce conflicting results.
Get a professional architecture review and implementation plan for your OpenClaw deployment. No guesswork.
Book a Strategy Call →Connect with other OpenClaw users, get help, share what you've built.
BROWSE THE LESSONS →Want this set up for your business? Let's talk about what's possible.
BOOK A STRATEGY CALL →Chapter 6
Every single message you send loads ALL of your brain files into context. Every word in AGENTS.md, SOUL.md, USER.md, TOOLS.md, MEMORY.md, and HEARTBEAT.md gets sent to the model with every interaction. This means bloated files directly cause three problems: slower responses, lower quality output, and higher costs.
Most setups, especially those that have been running for a few months, have 50 to 70 percent unnecessary content in their context files. MEMORY.md becomes a diary instead of a distilled reference. TOOLS.md accumulates how-to guides instead of staying a quick lookup sheet. AGENTS.md gets instructions that belong in skills. The bloat creeps in gradually, and most users never notice because there is no visible error. The agent just gets slightly worse, slightly slower, slightly more expensive, every week.
The fix is simple: audit regularly and move specialized instructions into skills that load on demand instead of every single message.
One prompt can cut your context size in half. The audit prompt tells your agent to examine every one of its own brain files, identify what is bloated, what is outdated, what should be a skill instead of a permanent instruction, and make the changes.
The Audit Prompt
Audit all of your context files right now.
For each file (AGENTS.md, SOUL.md, USER.md, TOOLS.md,
MEMORY.md, HEARTBEAT.md), report:
1. Current size (lines and KB)
2. Content that belongs in a skill, not a brain file
3. Content that is outdated and should be deleted
4. Content that is verbose and can be compressed
Then make the changes. Move instructions to skills.
Delete outdated content. Compress verbose sections.
Show me before/after file sizes.
Real results from running this prompt on a 3-month-old setup: 73KB total context reduced to 31KB. That is a 57% reduction. The agent became noticeably faster and more focused in its responses.
Run this audit monthly. Context files bloat back over time as you add new instructions, log new information, and expand your setup. Monthly audits keep things lean.
Here are the rules that keep your context files efficient:
TOOLS.md should contain addresses and account names ONLY. Not how-to guides. Not setup instructions. Not troubleshooting notes. If you find yourself writing paragraphs in TOOLS.md, that content belongs in a skill. TOOLS.md is a quick-reference sheet: "GitHub username: X. Vercel team: Y. SSH host: Z." That is it.
MEMORY.md should be compact and curated. The biggest mistake users make is letting MEMORY.md become a diary. Every interesting thing that happens gets logged, and within a month the file is 2,000 lines of chronological notes that the agent loads into every single message. Instead, maintain MEMORY.md as a distilled reference. Archive old daily notes to separate files in the memory/ folder. Keep only active, relevant context in MEMORY.md itself. Build an index so the agent knows where to find archived information when it needs it.
HEARTBEAT.md should be a short checklist, not a manifesto. Remove expired one-shot tasks. Keep recurring items brief. If a heartbeat item requires complex instructions, put those instructions in a skill and just reference the skill name in HEARTBEAT.md.
Any file over 100 lines is almost certainly bloated. This is not a hard rule, but it is a strong signal. If your AGENTS.md is 300 lines, at least half of that content should probably be skills.
Not every task needs the most expensive model. Smart routing sends simple tasks to cheaper, faster models and reserves the powerful models for complex work.
The cost difference is significant. A setup running exclusively on Opus might cost $200/month. The same workload with smart routing might cost $80/month while getting equally good (sometimes better) results, because simpler models make fewer unnecessary decisions on straightforward tasks.
One important note on security: Opus-class models have measurably better resistance to prompt injection attacks. In group chat environments or anywhere your agent processes input from untrusted sources, use the strongest model available.
Chapter 7
Most people use OpenClaw as a reactive tool. They ask a question, they get an answer. They give a task, they get a result. That is just a chatbot with extra steps. The real power of OpenClaw is proactive behavior: the agent monitors, checks, builds, and messages YOU first, without being asked.
The mindset shift is fundamental. A reactive assistant waits for instructions. A proactive employee identifies problems, surfaces opportunities, and takes initiative. The difference between the two is the difference between a tool and a team member. Everything in this chapter is about making that transition.
Heartbeats are periodic check-ins where your agent wakes up, reads its HEARTBEAT.md checklist, and acts on whatever needs attention. The default interval is every 30 minutes, but you can configure it to any frequency.
When the heartbeat triggers, the agent reads HEARTBEAT.md and works through the checklist. Check for new emails. Review upcoming calendar events. Monitor lead pipeline. Check if any cron jobs need attention. If something needs your attention, the agent messages you. If everything is quiet, it goes back to sleep.
The cost is pennies per day. Each heartbeat is a short interaction that loads context, checks the list, and either acts or stays silent. For the price of a few cents, your agent is aware of your business state multiple times per hour.
Frequency tiers help you organize what gets checked when:
Heartbeat Setup Prompt
Set up my heartbeat system. Create HEARTBEAT.md with:
Every heartbeat (30 min):
- Check for new booking/meeting alerts
- Flag urgent emails
Daily (morning):
- Calendar briefing for today
- Email summary (important only)
- Lead pipeline status
- Content calendar check
Weekly (Monday morning):
- Analytics summary
- Pipeline report
- Wins and losses from last week
Keep the file concise. Reference skills for complex tasks
instead of putting full instructions in HEARTBEAT.md.
Heartbeats are periodic awareness. Cron jobs are exact-time tasks. The distinction matters: use heartbeats for batch checks that can drift slightly in timing, and cron jobs for tasks that need to happen at a precise time.
Good cron job candidates include:
The decision framework is simple: if the timing matters, use a cron job. If you just need the agent to check periodically, use a heartbeat item. If you want to combine multiple checks into a single interaction (reducing API costs), batch them into the heartbeat.
The morning report is the single most valuable proactive feature for business users. Every morning at a time you choose, your agent delivers a brief, structured summary of everything you need to know.
A good morning report covers:
Keep it SHORT. The morning report should take 60 seconds to read. If it takes longer, the agent is including too much detail. The goal is awareness, not analysis. If you need deeper information on any item, ask the agent to expand on it.
Morning Report Prompt
Set up a morning report cron job for 7:00 AM every day.
The report should cover:
- Today's calendar (meetings + prep notes)
- Important emails (3-5 max, not everything)
- Lead pipeline changes since yesterday
- Content due today
- 2-3 quick wins I can knock out fast
- What you worked on overnight
Keep the entire report under 300 words.
Deliver it to [your preferred channel].
This is one of the most surprisingly effective features. Accountability mode turns your agent into a productivity coach that checks in at escalating levels of intensity throughout the day.
The pattern works like this:
The agent tracks streaks in a file. How many consecutive days you completed all your committed tasks. The streak creates a surprising amount of motivation. Breaking a 12-day streak because you skipped one task feels genuinely bad, and that is the point.
Set up cron jobs for each check-in level. The agent reads your task list, checks what is done, and calibrates its tone based on progress. Some users find this mildly annoying. Most find it transformatively effective.
Your agent does not sleep. Your agent does not need rest. And your agent can do meaningful work at 3:00 AM while you are unconscious. This is one of the biggest advantages of proactive AI that most users underutilize.
The nightly builder is a cron job that fires at a set time each night. The agent looks at your ideas list (a file you maintain with project ideas, improvements, and tasks), picks something small enough to complete in a single session, and builds it. When you wake up, you have a finished deliverable ready for review.
Good nightly builder candidates include: simple tools and utilities, content drafts, research summaries, data analysis, website updates, documentation, competitor research, and any task that does not require your input to complete.
Nightly Builder Prompt
Set up a nightly builder cron job for 11:00 PM.
Every night:
1. Read memory/ideas.md for the project list
2. Pick the highest-priority item that can be completed
in a single session without my input
3. Build it
4. Log what you built in the morning report
5. Mark the item as done in the ideas list
If nothing on the list is suitable, do a useful proactive
task instead: research, content drafts, or system optimization.
Overnight research batches take this further. Queue three or four research topics, spawn sub-agents for each one (staggered 20-30 minutes apart to avoid rate limits), and wake up to finished research reports. A single overnight session can produce research that would take you an entire workday to complete manually.
For business users, proactive lead monitoring is where OpenClaw starts paying for itself in hard revenue.
Instant booking alerts notify you the moment someone books a call. But the agent does not just alert you. It automatically researches the prospect: their company, their LinkedIn, their recent activity, their likely pain points. By the time you see the booking notification, you already have a prep brief.
CRM tracking monitors your lead pipeline and flags stale leads. "This prospect expressed interest 8 days ago and you have not followed up. Want me to draft a follow-up email?" The agent tracks every lead, every interaction, and every deadline, and it does not let things fall through the cracks.
Opportunity scouting monitors Reddit, Twitter, competitor sites, job boards, and industry forums for mentions of your keywords, your competitors, and your service category. When someone posts "looking for help with [your specialty]," your agent can alert you within the hour. That is lead generation on autopilot.
Let's set up heartbeats, morning reports, and automated lead monitoring tailored to your business.
Book a Strategy Call →Connect with other OpenClaw users, get help, share what you've built.
BROWSE THE LESSONS →Want this set up for your business? Let's talk about what's possible.
BOOK A STRATEGY CALL →Chapter 8
A single AI agent is powerful. A team of specialist AI agents is transformative. Sub-agents let you build exactly that: a team of focused workers, each with its own personality, expertise, and job description, all managed by your main agent.
The mental model is simple. You are the owner. Your main agent is the CEO. Sub-agents are specialist employees. You talk to one agent (the CEO), and that agent runs a team behind the scenes, delegating tasks to the right specialist, monitoring progress, and bringing you the results.
Each sub-agent has its own SOUL.md (personality and communication style) and AGENTS.md (job instructions and constraints). A content writer sub-agent has a creative personality and instructions for your brand voice. A research sub-agent has an analytical personality and instructions for source verification. A website builder sub-agent has a technical personality and deployment skills. They are all different, and they are all good at their specific job because they are not trying to be good at everything.
Start with two or three sub-agents based on your most common bottlenecks. Here are the six most useful types:
Website Builder: Deploys to Vercel, uses the frontend-design skill, handles everything from landing pages to full applications. Give it a brief and get a live URL in minutes.
SEO Agent: Runs site audits, builds programmatic SEO pages at scale, tracks keyword rankings, identifies content gaps, and monitors competitor movements. The ideal overnight worker.
Competitor Research: Monitors competitor websites for pricing changes, feature updates, and marketing shifts. Produces weekly intelligence reports. Identifies weaknesses you can exploit.
Content Writer: Learns your voice through feedback and produces multi-platform content. Blog posts, LinkedIn articles, email newsletters, Twitter threads. The feedback loop is critical here because voice consistency takes several rounds to dial in.
Outreach Agent: Researches prospects, personalizes cold emails based on actual company data and recent activity, and manages follow-up sequences. This is not mass email blasting. It is researched, personalized outreach at scale.
Research Agent: Deep dives into any topic with comprehensive source collection. Produces structured reports with citations. Useful for market research, competitive analysis, technology evaluation, and due diligence.
Do not build all six at once. Start with the two that address your biggest bottlenecks. Add more as you find new areas where specialist focus would produce better results than your main agent's generalist approach.
Creating a sub-agent is a conversation with your main agent. Describe what you need and let the agent handle the technical setup.
Sub-Agent Creation Prompt
Help me create a sub-agent called [NAME] that specializes
in [SPECIALTY].
It should:
- [Key capability 1]
- [Key capability 2]
- [Key capability 3]
Personality: [describe the tone and style]
Set up its workspace, SOUL.md, AGENTS.md, and any skills
it needs. After setup, suggest improvements I haven't
thought of.
The agent handles all technical configuration: creating the workspace, writing the SOUL.md and AGENTS.md, installing relevant skills, and configuring access permissions. After setup, ask "What else can you think of to improve this sub-agent?" The main agent usually has good suggestions based on its understanding of your workflow.
Sub-agents are powerful but they need discipline to work well. These rules prevent the most common problems:
Stagger spawns 20-30 minutes apart. Spawning five sub-agents simultaneously creates rate limit problems and resource contention. Space them out and each one gets the API capacity it needs.
Never give sub-agents their own heartbeats. Heartbeats are for your main agent only. Sub-agents are ephemeral workers: spin up, do the job, shut down. Giving a sub-agent a heartbeat wastes tokens and creates unnecessary background activity.
Sub-agents are ephemeral. They exist to complete a task, not to persist. The main agent spawns a sub-agent for a specific job, the sub-agent completes it (updating the build log along the way), and then the session ends. Do not create persistent sub-agents that run indefinitely.
Monitor via the main agent's heartbeat. Your main agent should check on sub-agent progress during its regular heartbeat cycle. If a sub-agent has been running for more than ten minutes with no build log updates, the main agent should check in and intervene if necessary.
Overnight research batch. Before bed, queue three or four research topics. Your main agent spawns sub-agents for each one, staggered 20-30 minutes apart. Each sub-agent researches its topic, produces a structured report, and updates the build log. You wake up to finished research ready for review.
Website in 10 minutes. Give your main agent a brief for a landing page. It spawns the website builder sub-agent, which designs, codes, and deploys the site. You get a live URL and a deployment summary. Review, give feedback, and iterate.
Content pipeline. The content writer sub-agent produces drafts. The main agent reviews them against your brand guidelines. A graphics sub-agent handles images and thumbnails. The main agent assembles everything and presents the final package for your approval. You approve or request changes. The approved content gets scheduled for publication.
Lead machine. The research sub-agent finds prospects matching your ideal customer profile. The outreach sub-agent drafts personalized emails based on the research. Everything lands in a queue for your review. You approve, edit, or reject each outreach message. The agent handles sending approved messages and tracking responses.
Sub-agents have an underappreciated security benefit: information isolation. A content writer sub-agent does not have access to your main agent's private data, client information, or business intelligence. It has exactly the context it needs to do its job, nothing more.
This isolation also saves tokens. A sub-agent with a lean, focused context file set costs significantly less per interaction than your main agent with its full context. Multiply that saving across dozens of daily sub-agent interactions and the cost difference is meaningful.
And the output quality often improves. A focused agent with a narrow context produces better work within its specialty than a generalist agent trying to do everything. Specialization works for humans and it works for AI agents.
Chapter 9
Search engine optimization is one of the highest-ROI use cases for OpenClaw because SEO work is repetitive, data-heavy, and rewards consistency. All three of those qualities play to an AI agent's strengths.
Your agent can crawl your entire website and produce a comprehensive technical SEO audit: missing or duplicate meta tags, broken schema markup, slow-loading pages, missing alt text on images, broken links, thin content pages, canonical URL issues, mobile rendering problems, and indexing errors. The audit that a human SEO specialist charges $2,000 to produce takes your agent about 20 minutes.
Connect Google Search Console and your agent can pull your actual keyword data: which queries bring traffic, which pages rank for what terms, and where the opportunities are. The most valuable targets are "striking distance" keywords that rank between positions 5 and 20. These are terms where a focused content improvement can push you onto page one. Your agent identifies these automatically and suggests specific actions for each one.
Competitor gap analysis takes this further. Your agent identifies keywords your competitors rank for that you do not, clusters them by topic, and produces a content plan to close the gaps.
Programmatic SEO (pSEO) is the practice of generating large numbers of targeted pages at scale. Comparison pages ("Your Product vs Competitor"), use case pages ("Your Product for [Industry]"), location pages ("Your Service in [City]"), and tool-specific pages ("Your Product + [Integration]"). An agent can produce hundreds of these with proper meta tags, schema markup, internal linking, and unique content for each page.
SEO Audit Prompt
Run a complete SEO audit on [website URL].
Check:
- Meta titles and descriptions (missing, duplicates, length)
- Schema/structured data markup
- Page load speed issues
- Image alt text
- Broken links (internal and external)
- Thin content pages (under 300 words)
- Canonical URLs
- Mobile rendering
- Indexing issues (robots.txt, sitemap)
Produce a prioritized action list sorted by impact.
Include the specific fix for each issue.
Existing content that underperforms can be systematically improved. Your agent rewrites titles and meta descriptions for better click-through rates, adds FAQ sections targeting "People Also Ask" queries, identifies content gaps where topics are mentioned but not fully covered, builds internal linking between related pages, and adds schema markup for rich snippets. Each optimization is small, but across dozens of pages the cumulative effect on traffic is significant.
Weekly automated reports track keyword rankings, traffic trends, indexing health, and competitor movements. Your agent flags anomalies: sudden ranking drops, traffic spikes, new competitor pages targeting your keywords, or indexing errors that need attention. This monitoring runs continuously without any manual effort.
Building a YouTube channel is one of the most labor-intensive content strategies. The pipeline from idea to published video involves research, scripting, asset creation, thumbnail design, title and description optimization, and file organization. OpenClaw can automate most of this pipeline.
The full workflow looks like this:
YouTube Pipeline Setup Prompt
Set up a YouTube content pipeline with the following stages:
1. Idea research (sub-agent: monitor trends, competitors,
audience questions, generate ideas with potential scores)
2. Script writing (sub-agent: write in my voice, include hooks,
stories, CTAs, formatted for teleprompter)
3. Asset creation (thumbnails, b-roll lists, description text)
4. Organization (Google Drive folder structure per video)
5. Approval flow (present package for my review)
Create the sub-agents, skills, and workflow.
Track everything in a content calendar file.
The feedback loop is critical for YouTube. After each video publishes, the agent tracks performance (views, retention, click-through rate) and saves winning formulas as skills. The script that got 50% higher retention than average? Its structure becomes the default template. The thumbnail style that doubled click-through rate? That style guide gets locked into the skill. Over time, the pipeline produces increasingly effective content because it learns from real performance data.
For service businesses, OpenClaw becomes a tireless operations manager that handles the daily grind of lead management, client communication, and administrative tasks.
Booking alerts with auto-research: The moment someone books a call, your agent researches the prospect and delivers a prep brief. Company background, LinkedIn profile, recent activity, likely pain points, and suggested talking points. You walk into every call prepared.
Email management: Your agent scans Gmail continuously, categorizing messages by urgency and type. It drafts responses for routine emails (scheduling, information requests, follow-ups) and flags important messages that need your personal attention. You review and approve drafts rather than writing from scratch.
CRM tracking: Every lead interaction is logged. Pipeline stages are updated automatically. Stale leads get flagged. Follow-up reminders fire on schedule. Nothing falls through the cracks. One consulting setup tracks 80+ leads in Notion with zero manual data entry.
Proactive business updates: Two to four times per day, your agent messages you with relevant business updates. New lead came in. Client responded to a proposal. Invoice is overdue. Competitor launched a new feature. You stay informed without checking anything manually.
Consistency is the hardest part of content marketing. Most people know they should post regularly. Most people do not. OpenClaw's accountability mode (Chapter 7) combined with content automation solves this.
The agent checks in four times per day with escalating intensity. Morning: "Today's content plan is [X]. Ready?" Midday: "The LinkedIn post is drafted but not reviewed. Want to look at it now?" Afternoon: "You still have not posted. Is that a reason or an excuse?" End of day: "Posting streak: 0 days."
For LinkedIn specifically, the agent maintains a post bank: pre-written, pre-approved posts stored in Notion or a file, ready to publish at scheduled times. You batch-create posts when you are in a creative mood, and the agent handles scheduling and reminders for the rest of the month.
The power of OpenClaw multiplies with every tool you connect. Here are the highest-impact integrations:
Google Drive: File organization, content storage, client deliverable management, automated backups. The agent can create folder structures, organize assets by project, and maintain shared drives for team collaboration.
Google Analytics (GA4): Daily traffic reports, anomaly detection (sudden drops or spikes), content performance tracking by page, and lead source attribution. The agent identifies which content produces results and which needs improvement.
Google Search Console: Keyword rank tracking, new keyword discovery, click-through rate optimization, indexing health monitoring, and post-publish tracking to see how new content performs in search.
The hierarchy for connections is: API first, browser automation second, skill if available. APIs are fast, reliable, and efficient. Browser automation works when no API exists but is slower and more fragile. Community skills sometimes provide pre-built integrations for popular tools.
Google Drive Setup Prompt
Set up Google Drive integration. I want you to:
1. Create a folder structure for my business:
- /Clients (subfolder per client)
- /Content (subfolder per platform)
- /Internal (meeting notes, reports, docs)
- /Assets (images, logos, templates)
2. Create a skill for organizing new files automatically
3. Set up a weekly backup of important documents
4. Show me how to share specific folders with my team
Real Estate: OpenClaw automates transaction paperwork by reading intake data and auto-filling contract templates (TREC contracts, disclosure forms). It tracks every transaction from listing to close, monitors deadlines, and sends automated communications to all parties. One real estate brokerage uses it to handle deadline tracking, document preparation, and agent communication across dozens of simultaneous transactions.
AI Consultancy: For consulting businesses, the agent handles Webflow SEO optimization, Google Ads campaign management, social media scheduling, and client reporting. It runs SEO audits on client sites, produces monthly performance reports, and manages content calendars across multiple client accounts.
The Meatspace Layer: One of the most forward-thinking use cases involves AI agents hiring humans for physical tasks via APIs. Tasks that require a physical presence, like picking up documents, attending a meeting, verifying a property condition, or taking photos of a location, get dispatched to on-demand workers. The AI handles everything except the physical task itself. This is not science fiction. It is happening now, and it represents the future of how AI agents interact with the physical world.
These prompts work regardless of your industry. They leverage the fact that your agent has deep context about your specific situation:
Revenue Roadmap
Design a 90-day plan to increase my revenue by 30%.
Use everything you know about my business, my current
marketing, my client base, and my tools.
Include:
- Quick wins (week 1-2)
- Medium-term plays (week 3-6)
- Strategic bets (week 7-12)
- Specific actions for each item
- How you can help execute each one
Content Machine Design
Design a content machine for my business.
Cover every platform I should be on, the content types
that work for my audience, a realistic publishing cadence,
and how to repurpose content across platforms.
Then set up the automation: content calendar, drafting
pipeline, approval flow, scheduling, and performance tracking.
Make it sustainable. I should spend 2 hours per week max
on content once the system is running.
Connect with other OpenClaw users, get help, share what you've built.
BROWSE THE LESSONS →Want this set up for your business? Let's talk about what's possible.
BOOK A STRATEGY CALL →Chapter 10
This chapter is mandatory reading for every OpenClaw user regardless of skill level. The stakes are higher than most people realize.
Security researchers have found over 42,000 exposed OpenClaw instances using Shodan, with 93% having authentication bypass vulnerabilities. Cisco's threat intelligence team discovered malware embedded in 37 popular skills on the community hub. A fake VS Code extension was distributing a trojan targeting OpenClaw users. These are not theoretical risks. They are documented incidents.
Your OpenClaw agent is, functionally, a superuser with a natural language interface. It can execute any shell command, read and write any file, browse the web, send messages on your behalf, and interact with every connected service. If someone gains unauthorized access to your agent, they have access to everything your agent has access to. That includes your email, your files, your client data, your business communications, and your server.
Real incidents that have been documented include: agents dumping home directory contents via find ~ in response to social engineering, prompt injection attacks in group chats that extracted private information, and malicious skills that exfiltrated data on installation.
Security is not optional. It is the foundation everything else is built on.
Follow these steps in order. Each one addresses a specific attack vector.
OpenClaw has a built-in security audit command. Run it first to understand your current exposure.
openclaw security audit
openclaw security audit --deep
openclaw security audit --fix
The gateway is the entry point to your agent. Without authentication, anyone who finds your server can send messages to your agent. Generate a strong token and configure it.
openclaw doctor --generate-gateway-token
Configure who can message your agent. Set DM policy to "pairing" so only approved contacts can direct-message it. Enable requireMention: true for group chats so the agent only responds when explicitly mentioned, not to every message.
If you are using Telegram, configure your bot through BotFather: disable the ability for others to add your bot to groups, and enable privacy mode so the bot only receives messages directed at it.
Configure your server's firewall to deny all incoming connections except SSH. The gateway communicates outbound, so it does not need any incoming ports open.
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw enable
Lock down your configuration files and state directory. Configuration files should be readable only by the owner (600). The state directory should be accessible only by the owner (700).
chmod 600 /path/to/config.yaml
chmod 700 /path/to/state/
Enable log redaction to prevent sensitive data from appearing in log files. Set logging.redactSensitive: "tools" in your configuration to redact tool outputs that may contain passwords, tokens, or personal data.
Sub-agents should have the minimum permissions needed for their specific job. A content writer sub-agent does not need shell access. A research sub-agent does not need to send messages. Use denyTools configuration to restrict each sub-agent to only the tools it actually needs.
Tailscale creates a private mesh network between your devices using WireGuard encryption. Once configured, you can bind your gateway to the Tailscale interface (or localhost) and close all public ports. Your server becomes invisible to the internet while remaining fully accessible to your authenticated devices.
# Install Tailscale on your VPS
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up
# Verify connection
tailscale status
# After confirming Tailscale works, close public SSH
sudo ufw delete allow 22/tcp
Important: Before closing public SSH, always verify Tailscale SSH access works in a SEPARATE terminal session. Keep your original SSH session open as a safety net. If Tailscale SSH fails and you close public SSH, you will lock yourself out of your server.
Read every SKILL.md file before installing any community skill. Look for shell commands, file access patterns, network calls, and anything that seems unnecessary for the skill's stated purpose. Use the Cisco Skill Scanner if available. A skill has the same access as your agent. Treat skill installation like installing software on your computer: verify the source and understand what it does.
Opus-class models have demonstrably better resistance to prompt injection attacks. In any context where your agent processes input from untrusted sources (group chats, web scraping, email processing), use the strongest model available. Cheaper models are more susceptible to injection attacks that can manipulate the agent's behavior.
Security is not a one-time setup. Review your configuration monthly. Check logs for unusual activity. Monitor which tools your agent uses and what files it accesses. Update your hardening as new threats emerge and as your setup evolves.
Tailscale deserves a detailed walkthrough because it is the single most impactful security improvement you can make. It is free for up to 100 devices.
curl -fsSL https://tailscale.com/install.sh | sh then sudo tailscale upsudo ufw delete allow 22/tcpOptionally enable Tailscale SSH for an even simpler experience. This lets you SSH to your server using Tailscale's authentication instead of SSH keys, and you can manage access from the Tailscale admin panel.
If you are running OpenClaw on a Mac Mini, there are additional platform-specific hardening steps:
Three rules that should guide every security decision you make:
Rule 1: Never let the agent verify its own security. If you ask your agent "are you secure?" it will check its own configuration and tell you everything looks fine. But the agent cannot see things like open ports on the server, misconfigured firewall rules, or network exposure. Always verify security from a separate terminal or machine. Run port scans from outside your network. Check firewall rules directly. Do not trust your agent to audit its own security perimeter.
Rule 2: Always read SKILL.md yourself before installing any community skill. Do not let your agent install skills without your review. A malicious skill with shell access can exfiltrate every file on your server in seconds. Take two minutes to read the SKILL.md, understand what the skill does, and verify it only requests the permissions it needs.
Rule 3: Least privilege, always. Every connection, every sub-agent, every skill should have the minimum permissions needed to do its job. If a sub-agent does not need shell access, deny it. If a skill does not need to write files, restrict it. The attack surface of your agent is the sum of every permission granted. Keep that surface as small as possible.
Secure Baseline Configuration: After completing all 12 steps, ask your agent to export a snapshot of the current security configuration. Save it as your baseline. When you make changes, you can always compare against this baseline to make sure you have not accidentally opened a vulnerability.
Full Security Hardening Prompt
Run through the complete security hardening checklist:
1. Run openclaw security audit --deep
2. Generate and configure gateway auth token
3. Configure DM pairing and group allowlists
4. Lock down BotFather settings
5. Configure UFW firewall (deny all incoming, allow SSH only)
6. Set file permissions (config: 600, state: 700)
7. Enable log redaction
8. Configure sub-agent sandboxing (deny unnecessary tools)
9. Install and configure Tailscale
10. Audit all installed skills for suspicious behavior
11. Verify model configuration for sensitive contexts
12. Document current security state as baseline
For each step, tell me what you did and what I need
to verify manually from a separate terminal.
Get your OpenClaw locked down by someone who has done it hundreds of times. Security is not a place to learn by trial and error.
Book a Strategy Call →You have read the complete openclaw book. Ten chapters covering everything from architecture and setup to security hardening and multi-agent workflows. That is the knowledge. Now the question is implementation.
If you are just getting started, go back to Chapter 2 and follow the setup guide. Get your agent running, connect your first tools, and start with the onboarding interview. The first week is about building the relationship with your agent and understanding what it can do.
If you have been running OpenClaw for a while, go to Chapter 6 and run the audit prompt. Then set up heartbeats (Chapter 7) and your first sub-agent (Chapter 8). These are the features that transform an assistant into an autonomous team member.
If you have done all of that, go to Chapter 10 and run the security hardening checklist. Then come back to Chapter 9 and pick the use cases that match your business.
The agents that produce the best results are the ones whose owners invest time in planning, feedback, and optimization. Not the ones with the most expensive models or the most tools connected. The compounding effect of good feedback, clean context files, and well-designed skills makes every month better than the last.
Your AI agent gets better every single day. Make sure you do too.
Next steps: Check out our step-by-step setup guide for a quick-start walkthrough, or visit our homepage to learn about our consulting services. Ready to get expert help? Book a strategy call.