If you are not using Openclaw (previously clawdis, clawdbot, moltbot), you can just skip this post; it probably won't make a lot of sense.
Before you do anything with Openclaw, security should be your number one priority.
Lock down your gateway, NOW!
The first thing is to make sure you are not exposing your gateway to the Internet. If you want to access it remotely, use a VPN or something like Tailscale.
Openclaw has more attack vectors than most software, and users are connecting more and more private information to it so it can do its thing. The core developer is aggressively addressing security issues at an amazing pace, but this is not software you want exposed directly to the Internet.
You can use a port scan from an external source to verify you are not exposing the gateway. By default, Openclaw will use port 18789 without SSL.
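A local complement to the external scan, added here as an example and not part of the original post: on the gateway host, check which addresses port 18789 is bound to. The function name `gateway_binds` and the sample `ss -ltn` output are constructed for illustration; a non-loopback bind means other machines on the network can reach the port, and the external scan still decides whether the Internet can.

```shell
#!/bin/sh
# Added example. Classify how a TCP port is bound, from `ss -ltn` output on stdin.
# Prints: not-listening | loopback-only | non-loopback:<addr>[,<addr>...]
gateway_binds() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = match($4, /:[0-9]+$/)          # last ":port" in Local Address:Port
            if (!n || substr($4, n + 1) != port) next
            seen = 1
            host = substr($4, 1, n - 1)
            if (host ~ /^127\./ || host == "[::1]") next   # loopback binds are fine
            wide = wide (wide != "" ? "," : "") host
        }
        END {
            if (!seen)           print "not-listening"
            else if (wide == "") print "loopback-only"
            else                 print "non-loopback:" wide
        }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_exposed() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      511          0.0.0.0:18789     0.0.0.0:*
LISTEN 0      511             [::]:18789        [::]:*
EOF
}

sample_exposed | gateway_binds 18789
# On the gateway host itself: ss -ltn | gateway_binds 18789
```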
While you are at it, enabling SSL is a very good idea; this will protect your traffic against anything that may try to snoop on it on your LAN. Look at Traefik, nginx, or Caddy to solve this problem.
Trust NO ONE!
One of the coolest things with Openclaw is skills. This allows you to bundle code and instructions into a repeatable skill that Openclaw can use. A good example is 's Hive skill.
There is a website called Clawhub that allows people to share skills they developed. In the early days these skills were frequently malicious and infected with malware and bad intent; in fact, the number one downloaded skill was the worst offender. This has improved since the lead developer, Peter Steinberger, added many malware and security screenings to uploaded skills. This doesn't mean they are 100% safe, especially if you get them from somewhere other than Clawhub.
You should review all skills you install, or at minimum have a quality LLM scan it.
You get what you pay for.
Low-cost LLMs that you can host yourself or that are very cheap will give you very poor results, especially at task execution and recalling memories. Unless you have 100GB+ of VRAM, I would recommend using a quality paid model. This can get very expensive if you are not using a paid subscription that is a one-time cost.
If you have to run a local model, I recommend Qwen 3.5 models for under 100GB of RAM and something like MiniMax M2.5 for larger GPU deployments like mine.
Otherwise, I would recommend a ChatGPT, MiniMax, or Kimi coding subscription. These will give you the most value without breaking the bank. Expect to spend at least $20 a month on a subscription or credits. I have seen many users spending a hundred dollars a day in credits when not using a subscription.
Cron, Cron, Cron!
Openclaw has two methods for proactive and recurring tasks.
- Heartbeat: This is typically run every 30 minutes.
- Cron: This is your typical Unix-style scheduling and can be set to any schedule you want.
Cron is always the preferred method for anything with a predictable schedule, like once every day or every 4 hours. The big reason for this is every heartbeat is processed by your main agent and thus goes through your LLM. This can easily consume millions of tokens a day and can be a large portion of your token usage.
Heartbeat is good for tasks that have to be done very frequently, like checking email.
Be a janitor
Openclaw can do some amazing things on its own with the right direction. It can also do some stupid shit on a regular basis. You tell it to create a script for XYZ and it puts it in one location. Tomorrow you ask it to create another script for some other XYZ and it puts it in a totally different location. It will do things at times that will seem very stupid, but if you only use the gateway or a channel (i.e. Telegram/Discord) you will never notice.
I recommend just giving the file system a manual look over once a month or even once a week, depending on how active you are. Look over your workspace, look where scripts are being stored, and make sure anything related to a specific skill is in the correct skill folder and anything related to scripts is all in one scripts folder.
I like to keep my skills in .openclaw/skills so all agents can use them. Unless I am 100% sure it is only going to be used by one agent, this is how I roll. This works most of the time, but sometimes when you create a new skill through Openclaw it will put it in one agent's workspace or even somewhere completely different. I like to fix these things every time I do a pass through.
As you notice these problems, update your memory files to instruct where things should go. For example, when I figure something out and I don't want to deal with it right away, I'll have Openclaw create a markdown file and store it in my main agent's workspace under Notes. I have a rule in my tools.md to always store notes in this folder.
- Notes folder - Non-memory markdown notes belong in ./notes/ folder, not scattered in workspace root.
This simple line will solve the problem 99% of the time. I do the same thing with scripts.
- Store all custom scripts in ~/.openclaw/scripts/ (not ~/)
- This mirrors the skills structure (~/.openclaw/skills) so scripts are available to all workspaces
Try to find patterns that your Openclaw struggles with and give it guidance in your memory files.
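To make the periodic pass described above quicker, here is an added example (not from the original post) that lists skills and scripts sitting outside the shared `skills` and `scripts` folders. It assumes agent workspaces live under the directory you pass in, that a skill is a directory containing `SKILL.md`, and that "script" means `*.sh`, `*.py` or `*.js`; the function names and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example. List skills and scripts found outside ROOT/skills and ROOT/scripts.
# Assumptions: a skill is a directory holding SKILL.md; scripts are *.sh, *.py, *.js.
find_strays() (
    cd "$1" || exit 1
    {
        # Skill folders anywhere except the shared ./skills directory
        find . \( -path ./skills -o -name node_modules -o -name .git \) -prune -o \
            -type f -name SKILL.md -print |
            sed 's|/SKILL\.md$||; s|^|stray-skill |'
        # Script files outside both shared directories
        find . \( -path ./skills -o -path ./scripts -o -name node_modules \
                  -o -name .git \) -prune -o \
            -type f \( -name '*.sh' -o -name '*.py' -o -name '*.js' \) -print |
            sed 's|^|stray-script |'
    } | sort
)

# Constructed demo tree standing in for ~/.openclaw (not a real installation).
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/skills/weather" "$d/scripts" \
             "$d/workspace/notes" "$d/workspace/skills/mail-triage"
    touch "$d/skills/weather/SKILL.md" "$d/skills/weather/run.sh" \
          "$d/scripts/backup.sh" \
          "$d/workspace/skills/mail-triage/SKILL.md" \
          "$d/workspace/cleanup.py" "$d/workspace/notes/todo.md"
    printf '%s\n' "$d"
}

demo=$(make_demo_tree)
find_strays "$demo"
rm -rf "$demo"
# Real use: find_strays "$HOME/.openclaw"
```

Scripts inside a stray skill folder are listed too, since they move along with the skill when you relocate it.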
I can go on and on. I have learned a ton of tricks with Openclaw and am loving building around it. I'll try to put out a few posts to
PS. I created an openclaw community if you want to write about Openclaw. This is for humans, not for automated clanker posts.
