The ultimate guide to setting up and using Openclaw

Just give this article to openclaw and it will automatically create the tools for agent swarm

Feb 28, 2026

OpenClaw (formerly known as Clawdbot, Moltbot, or Clawd) is an open-source, local-first AI agent platform that is quickly gaining traction. Unlike traditional AI chatbots that are fundamentally reactive—waiting for your prompt in a browser window—OpenClaw acts as an agent. It runs continuously on your local machine, server, or VPS, and uses tools to actively execute tasks, manage files, and run commands on your behalf.

Whether you want it to triage your emails, manage your calendar, or orchestrate an entire autonomous development team, OpenClaw bridges the gap between powerful AI models and the applications you use every day.

Here is a comprehensive guide to getting it up and running safely, moving from basic deployment to advanced multi-agent swarms.

Understanding the Architecture: Tools vs. Skills

Before you install OpenClaw, it’s important to understand how it interacts with your computer. It relies on a two-tier system to get things done:

Tools: These are the core capabilities (the “hands” of the agent).
- read and write let it access files.
- exec allows it to run system shell commands.
- web_search and browser let it navigate the internet, read pages, and interact with web elements.
Skills: These are the instructions (the “textbooks”) that teach the agent how to combine Tools to achieve specific tasks. OpenClaw ships with over 50 bundled skills.
- The gog skill teaches it to use Google Workspace (Gmail, Calendar).
- The github skill teaches it to read and manage repositories.
- Important Note: Bundled skills auto-load by default if the corresponding software is installed on your system. It is highly recommended to use a whitelist approach in your configuration so you aren’t exposing capabilities you don’t intend to use.

Step 1: Installation and Initial Setup

OpenClaw requires Node.js (v22 or higher). While you can run it directly on your primary machine (macOS, Windows, or Linux), many users prefer deploying it on a Virtual Private Server (VPS) like DigitalOcean or Hostinger, or inside a Docker container for better security isolation.

1. Install the CLI Open your terminal and run the official installation script:

Bash

curl -fsSL https://openclaw.ai/install.sh | bash

2. Run the Onboarding Wizard Once installed, initiate the setup process:

Bash

openclaw onboard

The wizard will walk you through several critical choices:

AI Provider Selection: Choose your underlying “brain.” You can connect it to cloud providers like OpenAI and Anthropic, or run local models like Llama 3 and Mistral if you have the hardware.
Chat Platform Integration: OpenClaw doesn’t just live in a terminal. It connects to the messaging apps you already use. You can select platforms like Telegram, WhatsApp, Discord, or Slack.
User Interface: You can manage the bot’s settings via the Terminal User Interface (TUI) or the web-based Control UI dashboard.

Step 2: Connecting to a Chat App

One of OpenClaw’s best features is its ability to live in your pocket. Here is how to connect it to Telegram or Slack so you can message your agent on the go:

On Telegram, search for the official @BotFather and send /newbot to generate an API Token. (For Slack or Discord, create an app in their respective developer portals).
Paste the token into the OpenClaw terminal when the setup wizard asks for your channel configuration.
Device Pairing: To prevent unauthorized access, OpenClaw requires you to “pair” your device. You will receive a pairing code or need to approve your user ID in the OpenClaw Control UI to establish a trusted connection.

Step 3: Security Guardrails (Do Not Skip)

Giving an AI agent the ability to execute code and read files on your computer is inherently risky. To run OpenClaw safely, you must implement these minimum operating postures:

Restrict Gateway Access: Ensure your gateway address is set to 127.0.0.1 (localhost) in your ~/.openclaw/openclaw.json configuration file. Do not expose your Control UI dashboard to the public internet without a secure tunnel and strong password authentication.
Lock Down Communications: Set your DM Policy to "pairing" (which requires manual approval for any new user) and your Group Policy to "disabled" so your bot cannot be added to public chat groups where it might leak data.
Limit Execution Privileges: If you enable the exec tool, turn on approval requirements so the bot must explicitly ask for your permission before running shell commands. If running on a server, create a dedicated, non-root user account with minimal privileges for OpenClaw.

Step 4: Putting OpenClaw to Work (Single Agent Workflows)

Once configured, OpenClaw can automate complex, multi-step workflows right out of the box:

The Autonomous Daily Briefing: Set up a cron job directly in your chat app. Text your bot: “Every day at 7:00 AM, check the weather, check my calendar for upcoming meetings, and send me a daily briefing.”
Email Triage & Summarization: Ask OpenClaw to scan your inbox twice a day, categorize incoming emails by urgency, and send you a short Slack or Telegram summary of items that require your immediate action.

Step 5: Advanced Swarm Architecture (The One-Person Dev Team)

As OpenClaw matures, power users are pushing it far beyond simple personal assistance. You can use OpenClaw to orchestrate a complete “Agent Swarm”—effectively replacing an entire engineering team and generating highly efficient coding output.

This setup pairs OpenClaw’s orchestration layer with specialized coding models like Codex and Claude Code. Here is how you can replicate this high-performance architecture and how OpenClaw actively manages the swarm:

1. The Orchestration Layer: How OpenClaw Awakens the Swarm Instead of trying to code everything itself, OpenClaw acts as your product manager. When you message OpenClaw with a feature request (e.g., via Telegram), it uses its exec tool to prepare an isolated environment and “awaken” specialized agents. It does this by:

Creating a new git worktree (an isolated branch so the new code doesn’t break your main project).
Spawning a detached tmux session.
Executing a shell command within that session to launch the specialized coding agent, passing your business context and specific prompts directly into it.

2. Invoking Codex and Claude Code in Isolation By placing these agents in detached tmux sessions, OpenClaw gives them specific tasks without blocking its own main orchestration loop. Because these agents need to work autonomously, they are invoked with specific CLI flags that bypass standard manual approvals.

To invoke a Codex session: OpenClaw will run a script similar to this to launch a dedicated Codex agent for rapid boilerplate or feature generation:

Bash

# Create isolated worktree
git worktree add ../feat-custom-templates -b feat/custom-templates origin/main
cd ../feat-custom-templates

# Spawn Codex in a detached tmux session
tmux new-session -d -s codex-agent-01 \
  'codex --model gpt-5.3-codex -c "model_reasoning_effort=high" --dangerously-bypass-approvals-and-sandbox "Build custom email templates"'

To invoke a Claude Code session: For complex refactoring and deep architectural logic, OpenClaw can invoke Claude Code in a separate session:

Bash

# Create isolated worktree
git worktree add ../core-refactor -b chore/core-refactor origin/main
cd ../core-refactor

# Spawn Claude Code in a detached tmux session
tmux new-session -d -s claude-agent-01 \
  'claude --model claude-opus-4.5 --dangerously-skip-permissions -p "Refactor the authentication middleware"'

3. Low-Cost Deterministic Monitoring Having AI models constantly poll each other to check status burns through tokens and gets expensive fast. Instead, ditch high-cost polling and use standard deterministic shell scripts. Create a .clawdbot/check-agents.sh cron job that runs every 10 minutes. This script should:

Check if the tmux sessions are still alive.
Call the GitHub CLI (gh cli) to verify CI/CD results.
Automatically restart a failed agent node (up to a maximum of 3 times) if it gets stuck.

4. Implement a Strict “Definition of Done” When operating at a high velocity, you cannot manually review every line of code. The swarm needs automated gatekeepers. Configure your OpenClaw state file to require multiple automated checks before a Pull Request is flagged as ready for merge:

JSON

{
  "status": "done",
  "pr": 341,
  "checks": {
    "prCreated": true,
    "ciPassed": true,
    "claudeReviewPassed": true,
    "uiScreenshotsIncluded": true
  }
}

In this setup, standard CI tests must pass, and secondary AI models must review and approve the PR before OpenClaw finally sends you a chat notification that the work is ready for your human review.

The Results of the Swarm When properly configured, this architecture allows a solo developer to move at breakneck speed, merging multiple PRs in a fraction of the time it would take manually.

Still don’t know what to use this for? Then this is an awesome repository for some use cases: https://github.com/hesamsheikh/awesome-openclaw-usecases

The worktree + tmux swarm pattern is clever. That --dangerously-bypass-approvals-and-sandbox flag in the Codex example makes me nervous though. Even in isolated branches your SSH keys and cloud creds are still in scope. sandbox_mode = "workspace-write" with approval_policy = "never" gets you the same autonomy without the exposure. Covered the full sandbox and approval matrix here: https://reading.sh/the-definitive-guide-to-codex-cli-from-first-install-to-production-workflows-a9f1e7c887ab

The AI Architect — Designing systems that think.

Discussion about this post

Ready for more?