Video Summary
OpenClaw is a self-hosted messaging gateway and proactive autonomous agent that runs on your machine to automate tasks via WhatsApp, Telegram, Discord, etc.
Prerequisites: comfort with the command line (CLI) and basic familiarity with language-model workflows or prompt/context engineering.
Setup covers workspace/config paths, onboarding wizard, choosing gateway mode (loopback/LAN/tail), and connecting models like Claude 4.5.
Skills are configured as skill.md files (YAML front matter + instructions); ClawHub installs third-party skills — review them for safety.
Integrations: enable plugins, restart the gateway, scan a QR for WhatsApp or create a Discord app/bot and configure tokens/intents in OpenClaw config.
OpenClaw is a self-hosted messaging gateway and proactive autonomous agent runtime that connects messaging platforms (WhatsApp, Telegram, Discord) to agents which can execute real-world tasks like managing calendars, triaging email, and controlling devices.
Familiarity with the command-line interface (CLI) and some exposure to language-model workflows (LMC, APIs, prompt/context engineering) are recommended, though beginners can follow the provided commands.
Consider running OpenClaw on a VPS to isolate sensitive files, use loopback gateway if remote access isn't needed, run the built-in security audit/OpenClaw Doctor, avoid group chats, and enable Docker sandboxing to isolate agent execution.
For WhatsApp enable the plugin in the config, restart the gateway, then scan the generated QR with your phone. For Discord create an application, add a bot, reset and copy the token, enable required intents, and add those credentials to OpenClaw.
Skills are defined by skill.md files (YAML front matter + instructions) that teach the agent tool usage. ClawHub serves as a registry for installing third-party skills, but you should inspect them for security and note each added skill increases prompt/context token usage.
"OpenClaw is a proactive autonomous agent that allows you to host a personal assistant capable of managing real-world tasks."
OpenClaw, previously known as Claudebot and Maltbot, serves as a powerful runtime enabling users to create personal assistants that can perform various tasks such as managing calendars, triaging emails, and controlling smart home devices through messaging applications like Telegram and Discord.
The course will guide users on setting up and utilizing OpenClaw, covering topics like connecting to leading AI models, managing long-term memory, and expanding the agent's capabilities with different skills.
By the course's conclusion, participants will possess an AI operator that automates numerous aspects of their digital lives while ensuring full control over their data.
"The prerequisites I assume are that you have experience using a CLI before because the CLI is the main way that you interact with OpenClaw."
The course assumes that participants are familiar with command-line interface (CLI) usage, as this is the primary method for interacting with OpenClaw. However, individuals lacking experience can still follow along as long as they adhere to the provided commands.
Exposure to LMC (Language Model Chains) is also expected, including familiarity with APIs and prompt or context engineering, since OpenClaw intelligently manages context for various workflows.
"First of all, we're just going to do a quick recap of what OpenClaw is, then we'll go over installation."
The course consists of nine modules covering an introduction to OpenClaw, installation procedures, workspace and memory configuration, creation of personal assistants, integration of skills, and multi-agent management.
Participants will also delve into security aspects and sandboxing related to the functionality of OpenClaw, ensuring a comprehensive understanding of both its capabilities and safe use.
"OpenClaw is a self-hosted messaging gateway that connects WhatsApp, Telegram, Discord, etc., to coding agents."
The term "gateway" in the context of OpenClaw signifies a long-running process on the user's machine that maintains persistent connections to various messaging platforms. This gateway facilitates the routing of incoming messages to designated agents for execution or manipulation, enabling automated workflows.
An example of its utility includes setting up automated responses to messages received from an employer, enhancing efficiency in communication.
"OpenClaw is fully self-hosted on your machine and it has many more supported integrations."
Unlike Cloud Code, which operates on a cloud-based model, OpenClaw is designed to be self-hosted, providing users with more control and customization options.
OpenClaw supports a wider range of integrations, including popular messaging platforms such as WhatsApp, Telegram, and Discord, and continues to grow in functionality with ongoing updates and improvements.
"Running this on a local machine versus on a virtual machine or VPS is an important choice."
When installing OpenClaw, it is crucial to consider security implications, as granting the agent access to a local machine involves risks of potential command injection or unauthorized file manipulation.
Users are advised to install OpenClaw on a Virtual Private Server (VPS) for enhanced security, isolating sensitive data and mitigating risks associated with operating from a personal computer.
For users opting to run OpenClaw locally, it is essential to take precautions and understand the security features available, such as security audits and sandboxing.
"We will need to install the workspace directory which installs all of our OpenClaw-related files."
The installation process involves defining the configuration path, workspace location, and connecting to various messaging channels.
Users have the option to select between local and remote gateway setups, with a preference for a local installation during this tutorial. The configurations include determining the model used, with options like Google's free offering or Anthropic's well-regarded model available based on user needs and preferences.
It is recommended to use the most powerful models to enhance security against potential prompt manipulation risks, ensuring robust performance and effective automation tasks.
"The setup token is generated with the command 'cla setup token.'"
The setup process involves generating a setup token using the command cla setup token. You will also need to securely handle your secret key, which you may want to delete after the tutorial for privacy reasons.
During the setup, you should choose the default token name and select "claude 4.5," which is the most powerful model available.
The default gateway port to use is 18789, and you'll need to bind the gateway. Although the exact meaning of gateway binding is not clear, there is a more efficient way to get clearer instructions using a repository clone.
By cloning the OpenClaw repository in another terminal, you can ask questions and receive accurate answers from Claude, as it has access to the project documentation and code.
"For onboarding, choose loopback unless you specifically need remote access."
Claude recommends using the loopback gateway for most users. This option allows connections only from your local machine and is the most secure if remote access is not needed.
If you require connections from multiple devices on the same network, you can choose the LAN option. For remote server setups, the ‘tail’ option is appropriate.
Even if you initially select loopback, you can change the gateway setting later using the corresponding command, making it flexible for different user scenarios.
"Skills are essentially a markdown file with tips on how to accomplish a specific task."
When configuring skills, you usually opt for the Node Package Manager as it is the most widely used for JavaScript. The skills function includes various markdown files that suggest how to accomplish tasks effectively.
There are skills available for popular applications like Obsidian, Apple Notes, and Google Workspace. Each skill provides tailored instructions on how to best utilize these applications with OpenClaw.
Some settings during setup, such as the Google API key for location querying, can be skipped if they are not relevant to your current needs.
"Hooks let you automate actions when agent commands are issued."
Hooks allow automating specific actions based on triggers, like saving session context or running commands when the gateway starts up. This can streamline the workflow considerably.
For instance, a hook can be set to check the news every time the gateway boots, providing updates automatically.
You can enable features like the command logger to keep track of command events and session memory, which helps maintain the context between agent commands.
"The OpenClaw security audit is very helpful for identifying vulnerabilities."
The OpenClaw security audit helps find security vulnerabilities within your setup, while commands like OpenClaw Doctor provide health checks and quick fixes for any issues within the gateway.
You can run a security audit command to identify and resolve any critical issues that may affect the integrity of your system.
Regularly performing these checks, especially after the initial setup, ensures that your OpenClaw setup remains secure and functional.
"There's 46 commands by default, and we're going to be using some of these throughout the course today."
After completing the installation process, you will have access to 46 default commands which will be utilized in the course.
The chatbot's configuration, credentials, and session files reside in the home directory associated with OpenClaw, specifically within the openclaw/repos directory by default.
Ensure that you are operating within the correct directory, especially if you've modified it during initialization.
"Memory includes crucial files that guide the agent on how to operate effectively."
The workspace includes various markdown files that define the agent, referred to as "Nova" in this context. These files include attributes like identity, traits, and characteristics of the agent, which can evolve as you interact with it.
The most important file in the workspace is agents.empty, which is essential for the agent to function correctly. This file provides initial instructions, like requesting the user's name.
The bootstrap.md file is utilized only during the first run and is deleted afterward, ensuring a streamlined setup process for the agent.
"All of the agent’s parameters and arguments are managed in off profiles JSON files."
Configuration parameters specific to the agent are stored in JSON files which can be modified through a terminal interface rather than directly in the JSON. This method reduces the risk of error that could disrupt the agent's functionality.
Backing up the workspace as a git repository is advised to maintain a central source of truth for all agent configurations. This practice is beneficial if you switch devices or need to retain configurations across multiple setups.
"We need to take safety precautions because the agent runs commands on your machine."
Setting up a personal assistant involves configuring permissions meticulously to ensure that the agent can operate safely without exposing your machine to potential vulnerabilities.
Always begin by limiting the channels through which the assistant can send messages, and consider using a dedicated phone number for communications to further protect your personal information.
Pairing with WhatsApp Web is an essential step in the setup, allowing the assistant to interact through that platform, and is initiated using a specific terminal command.
"You're going to need to run plugins to enable WhatsApp and also restart the gateway."
To connect OpenClaw with WhatsApp, first check your configuration file to ensure that WhatsApp is enabled. If it's disabled, you'll need to run the command to enable the plugin and restart the gateway.
Use your phone to scan a QR code that will be generated when you log into the channels, which will connect your WhatsApp.
After a successful connection, you will be able to interact with OpenClaw through WhatsApp. It’s crucial to remember that interactions should be kept to one-on-one conversations, as putting the bot in a group chat poses security risks.
"If you ever put your agent in a group chat, there are severe security vulnerabilities because your bot has access to your terminal."
When using OpenClaw, it's vital to avoid placing the bot in group chats. This is due to the security vulnerabilities that arise when the bot has access to your terminal, as malicious users could potentially exploit this.
It is recommended to use OpenClaw in private conversations to minimize risk.
"This is usually done automatically in the wizard for setting up, but since we didn't do it at the very beginning, then we're going to have to do this now on our own."
If the phone number wasn’t automatically added during setup, you'll need to manually edit the OpenClaw JSON file to include your phone number.
After adding your number, you can test by sending a message to yourself to ensure that the connection is functioning properly.
"I asked it, 'Can you check if I have any outstanding pull requests in my folder?'"
Once the phone number is set up, you can initiate a conversation with the bot to see its functionality. For instance, you can ask the bot about outstanding pull requests in your developer folder.
The bot should return the relevant information regarding your pull requests, showcasing its ability to interact with your development environment.
"We need to go to Discord, create a new application, give it a name, then go to the bot tab."
To integrate OpenClaw with Discord, start by creating a new application on the Discord platform. Once created, navigate to the bot tab, reset the bot token, and enable necessary intents.
After obtaining the bot token and setting up the server information, the next step is to configure these settings in OpenClaw.
"If your bot has access to your computer, anyone on that Discord server could tell the bot to run malicious actions."
It's important to be cautious when configuring your Discord bot to ensure it does not have access to sensitive information or system-level permissions.
Ideally, keep the bot on a private server to maintain security and reduce vulnerability to external threats.
"Now that we have the Discord set up, we've officially completed the personal assistant section of the course."
The setup for the OpenClaw personal assistant is concluded after successfully establishing the connection with both WhatsApp and Discord.
Participants can now progress to other sections of the tutorial, where they will learn about enhancing skills and additional functionalities of OpenClaw.
"Each skill has a skill.md file with a YAML front matter plus instructions as the config, teaching the agent how to use tools."
In OpenClaw, each skill is represented by a dedicated skill.md file, which contains YAML front matter along with specific instructions. This configuration helps in training the agent on how to effectively utilize various tools.
The directory structure for skills allows for an organized view of all capabilities added to OpenClaw.
"Apple Notes manages via the memo CLI, and Bird is for Twitter, describing actions to tweet, make threads, retweet, etc."
OpenClaw integrates several useful skills like managing Apple Notes through the memo command line interface and interacting with Twitter via the Bird skill, which describes how to perform actions such as tweeting and retweeting.
Skills like Himalaya allow users to manage emails, including reading, writing, and forwarding, while others, like Nano Banana, support image creation, showcasing the variety of functionalities available.
"Per-agent skills live in the skills for that agent only, while shared skills exist in the OpenClaw/skills directory for all agents on the same machine."
In OpenClaw, skills can either be designated for a specific agent or shared across multiple agents on the same machine, allowing for flexibility in how agents are designed and used.
User-invocable skills can be executed using slash commands, enhancing the interactivity and ease of access to functions by users.
"If you have more than one skill, you add approximately 97 characters to the system prompt with roughly 24 tokens per skill added."
"ClawHub can be thought of as pip for claw skills, allowing installation similar to pip install."
ClawHub serves as a registry for claw skills, much like pip does for Python packages. Users can install skills using commands such as "clawhub install."
It's crucial to review third-party skills for security, as they may contain untrusted content which could be potentially harmful.
"I'm going to write an email skill using simple Python that sends an email to myself."
The process of creating a custom email skill in OpenClaw is straightforward and can leverage Python's SMTP functionalities, enabling automated email generation and management.
These custom skills can significantly streamline workflows by automating repetitive tasks.
"Email sent. Check your Gmail. You should have a message from Nova."
"Multi-agent is useful for having different personas, permissions, workspaces, etc."
OpenClaw's multi-agent feature allows users to create distinct agents with separate workspaces and permissions, making it ideal for managing different contexts and tasks.
Each agent can have its own configuration, including authentication profiles and workspace settings, allowing for highly tailored automation.
"You can switch agents easily, allowing for a demarcated work-life balance."
Users can switch between different agents that are configured for various purposes, such as work and personal use, enhancing organization and productivity.
This functionality streamlines workflows by enabling users to separate work-related tasks from personal ones efficiently.
"It's important to discuss some of the security surfaces you should be aware of, including prompt injection."
The video presents essential security measures for using OpenClaw safely. An important security risk is prompt injection, where crafted messages can trick the agent into executing arbitrary commands.
Using Docker-based isolation is recommended to protect the host system. The sandbox mode can be set to non-main, ensuring all sessions except the default one are sandboxed. This prevents unauthorized access to the file directory.
Users can adjust the sandbox settings to either "sandbox everything" or limit it to specific sessions. The management of the container's lifecycle is crucial, and workspace access can also be tailored to restrict read and write capabilities.
"When executing high-risk browser tasks, restrict browser access with a sender allow list."
It's advised to implement strict browser control when executing tasks that involve high-risk edges. Establishing a sender allow list ensures that only specified websites can be accessed by the browser, enhancing security.
Additionally, using a sandbox browser can further limit exposure to online threats. As an added precaution, it's vital to handle untrusted inputs carefully, which can be achieved by utilizing tool restrictions, such as setting up tool denial for potentially harmful functions.
"There are three modes of sandboxing: session, agent, and shared."
The video explains that OpenClaw offers three sandbox modes: session, agent, and shared. Each mode determines how containers operate and interact with each other.
In session mode, a new sandbox is created for each new session, leading to increased overhead due to multiple Docker containers. Agent mode allows each agent to have its own sandbox, while shared mode enables all sandboxed agents to share the same Docker container, limiting external file access but allowing shared file interaction within the container.
"You can simply ask the OpenClaw agent to set up a Docker container for you."
A practical demonstration is provided to set up a sandboxed environment. By executing a specific script from the OpenClaw database, users can configure a Docker container seamlessly.
The setup requires users to have Docker running; troubleshooting is possible if issues arise, like ensuring the Docker daemon is activated, particularly for Mac users.
After running the script to establish the work agent in sandbox mode, users can confirm the setup by checking logs, which indicate that the agent cannot access desktop files outside its designated workspace, thus enhancing security.
"Sandboxing offers a VPS-like security without the need for a full server setup."
While sandboxing provides significant security benefits by isolating the agent from accessing system files, it also comes with limitations, such as restricted file access.
Users should be cautious about granting internet access to the sandboxed agent, as this could lead to unwanted behavior despite the isolation. This balance of pros and cons should inform decisions on whether to run OpenClaw on a server or utilize its sandbox capabilities for enhanced security.
