Clawbot (now officially called OpenClaw) is the open-source AI agent that took GitHub by storm — 149,000 stars and counting. Unlike ChatGPT, it runs on your own machine and can actually do things: run commands, manage files, control browsers, and automate workflows. This guide walks you through setting it up from scratch, connecting it to your messaging apps, and installing the best skills. We also cover where it falls short and what we're building as a secure alternative.
What you'll need
Install OpenClaw
You have three options. Pick whichever matches your setup:
Option A: npm (recommended for most users)
```bash
npm install -g clawbot@latest
clawbot init
```
This installs the CLI globally and runs the interactive setup wizard which walks you through model selection and channel configuration.
Option B: Docker (most secure)
```bash
docker run -d \
  --name clawbot \
  -v ~/.clawbot:/root/.clawbot \
  -p 18789:18789 \
  ghcr.io/steipete/clawbot:latest
```
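Docker is the safest option because it isolates OpenClaw from the rest of your system. If something goes wrong, the damage is contained to the container. That isolation has two limits with the command as written: the -v mount makes ~/.clawbot (which holds clawbot.json and any API key stored in it) readable and writable from inside the container, and -p 18789:18789 publishes the Gateway port on every host interface, so restrict the mapping to the loopback address if you only need local access.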
Option C: macOS DMG
Download the latest .dmg from the GitHub releases page. Drag to Applications. Double-click to launch. The app includes the Gateway and a menu bar icon for quick access.
Start the Gateway
The Gateway is the central process — it routes messages between your channels, the AI model, and your system.
```bash
clawbot gateway start
```
Check it's running:
```bash
clawbot gateway status
```
You should see Gateway running on port 18789. If it fails, check that nothing else is using that port.
Connect an AI model
OpenClaw doesn't include its own AI — it's an orchestration layer that connects to the model of your choice. Edit ~/.clawbot/clawbot.json:
| Provider | Monthly cost | Quality | Best for |
|---|---|---|---|
| Anthropic Claude | $20-40 | Excellent | Best reasoning — recommended for most users |
| OpenAI GPT-4 | $25-50 | Excellent | Broad model selection, familiar ecosystem |
| DeepSeek | $5-15 | Good | Budget option with solid performance |
| Ollama (local) | Free | Varies | Maximum privacy, needs 8GB+ RAM |
Example: connecting Claude
```json
{
  "ai": {
    "provider": "anthropic",
    "apiKey": "sk-ant-your-key-here",
    "model": "claude-sonnet-4-6"
  }
}
```
Get your API key from console.anthropic.com. Set a spending limit — $20-40/month is typical for moderate personal use.
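Because the API key sits in plaintext in clawbot.json, it is worth checking who can read that file. The script below is an added example, not part of OpenClaw or the original guide: it assumes the config layout shown on this page (an `ai` object with `apiKey` and, as in the Ollama example, `endpoint`), and the names `audit_config`, `write_sample` and `SAMPLE` are hypothetical.

```python
import json
import os
import stat
import tempfile
from urllib.parse import urlparse

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

# Constructed sample in the shape of the config shown on this page (not a real key).
SAMPLE = {"ai": {"provider": "anthropic", "apiKey": "sk-ant-your-key-here",
                 "model": "claude-sonnet-4-6"}}


def audit_config(path):
    """Return a list of findings for a clawbot.json-style file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:04o}: accessible beyond the owner, chmod 600")
    with open(path, encoding="utf-8") as fh:
        ai = json.load(fh).get("ai", {})
    key = ai.get("apiKey")
    if key:
        # Never echo the secret itself; report only that it is present.
        findings.append(f"apiKey stored in plaintext ({len(key)} chars)")
    endpoint = ai.get("endpoint")
    if endpoint:
        url = urlparse(endpoint)
        if url.scheme == "http" and url.hostname not in LOOPBACK:
            findings.append(f"endpoint {url.hostname}: prompts cross the network over plain HTTP")
    return findings


def write_sample(config, mode):
    """Write a constructed config to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".json")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(config, fh)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    real = os.path.expanduser("~/.clawbot/clawbot.json")
    target = real if os.path.exists(real) else write_sample(SAMPLE, 0o644)
    for finding in audit_config(target) or ["no findings"]:
        print(finding)
```

Run it after setup and again after any tool or skill rewrites the config, since a rewritten file can come back with default permissions.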
Example: connecting Ollama (free, local)
```bash
ollama pull llama3.1:8b
```
```json
{
  "ai": {
    "provider": "ollama",
    "model": "llama3.1:8b",
    "endpoint": "http://localhost:11434"
  }
}
```
Connect a messaging channel
This is what makes Clawbot different — you control it through your normal messaging apps instead of a separate UI.
Telegram (easiest to start)
```bash
clawbot channel add telegram
```
You'll need to create a bot via @BotFather on Telegram (takes 2 minutes), then paste the token when prompted. After that, message your bot and it routes straight to your local Clawbot agent.
```bash
clawbot channel add whatsapp
```
This uses WhatsApp's linked devices feature. Scan a QR code and your WhatsApp messages route to Clawbot. Important: WhatsApp's ToS don't allow automated bots on personal accounts. Use a secondary number for testing.
Other channels
OpenClaw supports 15+ channels including Discord, Slack, Signal, Matrix, IRC, email (IMAP), and more. Run clawbot channel list to see all available options.
Install skills
Skills are plugins that give Clawbot abilities. There are 10,700+ on ClawHub. Browse and install:
```bash
clawbot skills browse
clawbot skills install google-calendar github-assistant daily-briefing
```
Top 10 skills we recommend
Security warning on skills
820+ malicious skills have been found on ClawHub (7.6% of total). Only install skills from verified publishers with significant community usage. Avoid newly published skills with few users. Read our full security analysis.
Test it
Open your connected messaging app and send your agent a message. Start simple:
| Message | What it tests |
|---|---|
| "What time is it?" | Tests basic AI response |
| "List the files in my Documents folder" | Tests file system access |
| "What's on my calendar today?" | Tests Google Calendar skill |
| "Check if google.com is reachable" | Tests shell command execution |
| "Give me a morning briefing" | Tests the daily-briefing skill |

Where Clawbot falls short
We use OpenClaw ourselves. It's genuinely useful. But after months of using it and building on top of it, the limitations are clear:
Security is an afterthought
512 vulnerabilities, 8 critical. The ClawJacked flaw lets websites hijack your agent. Skills run unsandboxed with full system access. Fine for a personal machine — unacceptable for client data.
Single user only
No way to share an agent across a team. No role-based access. No admin panel. If you want three people using the same AI agent, you need three separate installs.
No audit trail
What did the agent do at 3am? What files did it access? What commands did it run? There's no logging, no history, no way to answer these questions.
Skills are a Wild West
10,700+ skills with minimal vetting. 7.6% malicious rate. No sandboxing. Installing a skill is basically running someone else's code with your permissions.
No enterprise integrations
Connecting to Salesforce, QuickBooks, Xero, or your bank requires custom development. The skill ecosystem focuses on developer tools, not business workflows.
You're the ops team
Updates, backups, security patches, uptime — it's all on you. When it breaks at 2am, you're the support team.
What we're building: a secure Clawbot for businesses
At AI Makers, we loved the concept of OpenClaw. An AI that doesn't just talk — it acts. But we couldn't deploy it for our clients. The security gaps, the lack of team features, the unvetted skill ecosystem. So we're building what OpenClaw should be for businesses.
What our platform does differently
Sandboxed tool execution
Every tool runs in an isolated container. A misbehaving tool can't touch your files, credentials, or other tools.
Role-based access control
Admins control which team members can use which tools. The intern can't run shell commands. The accountant can access invoices but not code repos.
Full audit logging
Every action logged with timestamp, user, tool used, input, output, and reasoning. Exportable for compliance.
Vetted integrations
No open marketplace. We build and maintain every integration — WhatsApp Business API, Google Workspace, Xero, QuickBooks, Slack, CRM systems. Each one tested and secured.
Multi-user + team workspaces
Shared agents that the whole team can use. Individual profiles, shared knowledge base, team-level permissions.
WhatsApp Business API
Official verified sender, message templates, broadcast lists, and full ToS compliance. Not the personal linked-devices workaround.
Encryption at rest + in transit
All data encrypted with AES-256 at rest. TLS 1.3 in transit. API keys stored in encrypted vaults, not plaintext config files.
Managed infrastructure
We handle updates, security patches, uptime monitoring, and backups. 99.9% SLA. You use it, we run it.
Same philosophy as OpenClaw — your data, your server, an AI that takes actions. But built from the ground up for teams, compliance, and production workloads.
Want early access?
We're onboarding the first businesses onto our secure AI agent platform. If you like what OpenClaw does but need it production-ready — let's talk.