u/ShabzSparq

Your agent doesn't remember you. not really.

You told it your partner's name last Tuesday. You explained your project structure last week. you spent 20 minutes describing how you like emails drafted. And today it acts like who are you?

This isn't a bug in your specific setup. It's the fundamental problem with how every AI agent handles memory right now. And after watching hundreds of people fight with this, the community has landed on three approaches. each with real tradeoffs.

The problem:

Most agent frameworks (OpenCLAW, Hermes, everything else) store memory in files. markdown, YAML, JSON. Your agent writes facts to a file. When it needs to remember something, it searches those files.

Sounds fine until you use it for more than a week.

The files grow. Every day, your agent adds more notes, more context, more conversation summaries. After a month, you've got thousands of lines across dozens of files. Your agent loads all of this into context on every single message. even when you ask "what's the weather." that's tokens burned on irrelevant memories, every interaction, forever.

Then compaction kicks in. Conversations get long, context gets trimmed, and details from earlier in the session just vanish. You agreed on somethBecause during compaction, your decision got compressed into "discussed project plans."

And the worst part: your agent can't connect facts. Monday, you say "Alice runs the auth team." Wednesday, you ask "who handles auth permissions?" Your agent has both facts stored in memory. Can't connect them. guesses instead.. confidently.

That's why it feels like your agent is lying. It's not. It's doing its best with a system that treats memory like a pile of text files instead of actual knowledge.

Approach 1: the markdown purists (just make the files better)

This is what most OpenCLAW users do. accept the flat file approach and optimize around it.

keep SOUL.MD Lean. Personality rules and hard boundaries only. move everything procedural to AGENTS.md. Add explicit memory rules like "when I share a decision or preference, write it to MEMORY.md immediately before responding."

use /new aggressively to keep sessions short. Clear the conversation buffer at least once a day so you're not sending yesterday's context with today's questions.

manually prune memory files every few weeks. delete outdated entries. consolidate duplicates. treat it like cleaning your desk.

The people making this work usually have tight, disciplined setups with one agent doing 3-4 things. The moment you scale to multiple projects or longer time horizons, the flat file approach starts cracking.

Cost: $0. effort: moderate ongoing maintenance.

Approach 2: the obsidian/external knowledge base crowd

a growing number of people are connecting their agent to Obsidian, Joplin, or a custom knowledge base as a "second brain."

The logic: give your agent a structured vault of notes organized by topic, project, and person. Instead of one big MEMORY.md, you have folders with context the agent can reference.

One person in this community built their entire household administration into an obsidian vault connected to OpenCLAW. financial documents, health tracking, garden planning, and emergency info for his son. The agent queries specific folders instead of loading everything into context every time.

The problem: Obsidian was built for humans browsing notes, not AI doing semantic retrieval across hundreds of files. You still hit context window limits. Your agent can't search the whole vault, so it either loads a tiny slice (missing everything else) or you build a retrieval pipeline yourself (congratulations, you're now building infrastructure).

And every note in that vault is going to your cloud model provider. every personal thought, every financial document, every medical note. One obsidian-as-memory guide literally warns "be deliberate about what goes in the vault." The polite version of "this has serious privacy implications."

Cost: $0 for the tools, with significant setup time. Works great for single-project focused use. breaks down at scale.

Approach 3: the vector database / semantic memory crowd

This is the "proper" solution that engineering-minded people are building. Instead of flat files or folder structures, store memories as vector embeddings. When the agent needs to recall something, it does a semantic search and retrieves only the relevant memories instead of loading everything.

Hermes does this natively with a three-layer system. short-term context for the current session. episodic SQLite archive for past interactions (searchable). procedural skills that the agent writes itself from experience.

The mem0 folks published data showing this approach reduces active context by 70-85% compared to naive file injection. same answer quality, way fewer tokens burned on irrelevant memories.

The Composio comparison put it well: openclaw fires a broad search across everything and often pulls in stale context that makes the model worse. Hermes uses tiered retrieval, checks core memory first, then broader archives only if needed. more intentional. less noise.

For OpenCLAW specifically, people are bolting on pinecone, chromaDB, or mem0 as external memory layers. It works, but it's another piece of infrastructure to manage. Another thing that can break at 2am.

Cost: $0-20/month for the vector store. significant engineering effort to set up. The best results of the three approaches once running.

Reality:

None of these are great. Approach 1 works for simple setups but doesn't scale. Approach 2 is clever but is a workaround for a problem the platform should solve. Approach 3 is the right architecture but requires engineering effort most users don't have.

The memory problem is the single biggest reason agents feel dumb. Not the models. The models are incredible. GPT-5.5, opus 4.7, qwen 3.6... all more than capable. The bottleneck is that your agent can't remember what you told it last week without either burning thousands of tokens on irrelevant context or requiring you to build a custom retrieval pipeline.

Whoever solves "the agent just remembers, like a human would, without you managing files or databases" wins the next phase of this space.

Until then, pick your tradeoff and make peace with it.

Not trying to start a war. But curious where this sub stands.

Because I see two types of people here:

Type 1: wants to own the server, pick the runtime, customize every config file, fork the repo if needed, and debug whatever breaks. The control is the point. Even if it takes longer.

Type 2: wants an agent that reads their email, qualifies leads, and sends a morning briefing. Doesn't care what's running underneath. Just wants it to work when they wake up.

Both are valid. But they need completely different products.

Type 1 should be on OpenClaw or Hermes. Type 2 probably shouldn't be self-hosting at all.

The problem is most people think they're type 1 until they've spent their third weekend debugging Docker. Then they quietly become type 2 but feel weird about it because this everybody makes self-hosting feel like the "real" way.

It's not. It's one way.

Where do you actually fall?

Gonna say something that's going to make a lot of people feel stupid

90% of premium model usage is paying $25/million tokens for work a $3/million token model handles identically..

There are exactly 3 situations where the expensive model actually pays for itself.

1. Anything that touches real money or real people

Someone in this community built an agent that handles customer refund requests end to end. pulls order history, checks return policy, processes the refund, sends confirmation. No human involved. Another person's agent qualifies sales leads and books meetings at 3am while their team sleeps. Someone else's agent monitors flight delays, updates their calendar, recalculates drive times with live traffic, and texts them if the departure window changes. One person's agent submitted delay repay claims and made them £93 while they did literally nothing.

All of these involve actions that can't be undone.

Cheap models stumble at step 3 of a 7-step chain. They say "done!" when nothing happened. They hallucinate confirmation numbers. A refund processed wrong costs real money. A lead qualification that fumbles the conversation loses a $10k deal. A wrong timezone means you miss your flight.

Cost of opus on a 5-minute interaction like this: maybe $0.30. Cost of getting it wrong: not comparable.

2. Cross-language multi-document analysis where errors have consequences

Someone downloaded financial statements for 14 companies across 5 countries. some in chinese, some in korean. agent translated, compared, organized into structured reports, uploaded to Nextcloud. saved them 10 hours. They did other work while it ran.

There's a mechanic in the community who indexed every service manual, lubricant catalog, and parts spec for every car he works on. Now asks about torque specs and part numbers in normal conversation across thousands of pages of technical docs.

Someone else is parsing 40-page contracts, identifying every clause that deviates from standard terms, flagging risk levels, drafting redline suggestions.

Cheap models hallucinate numbers on this stuff. They miss cross-references. They confidently produce analysis that looks right until you check the source and realize they made half of it up. The $5 you saved on tokens costs you $5000 when a missed contract clause goes unnoticed.

3. Long autonomous workflows running unsupervised overnight

Someone runs a full content pipeline. cron jobs pull data from multiple sources, agent writes social posts, sends to n8n, publishes across platforms. every day. No human touching it.

Another person has their agent monitoring competitor websites at noon, polling for new leads at 9am, sending a daily summary at 5pm. fully autonomous.

When a workflow runs for hours with 10+ tool calls per task and each step depends on the previous one succeeding... the model cannot afford to hallucinate mid-chain. One failed step at 2 am that gets reported as "completed successfully" means you wake up to corrupted data and no idea when it went wrong.

Premium models hold coherence across long autonomous chains. Cheap models lose the thread by step 5 and start improvising.

The rule is actually simple. If a failure costs you more than the price difference between models, use premium. If a failure just means you hit /new and rephrase, use cheap.

Route by task, not by default.

Most people set up OpenClaw or Hermes, pick one model, and let it run everything. Heartbeats checking for new messages 48 times a day. Cron jobs running every hour. Background summarization. All of it hitting the same model. All of it billing at the same rate.

If that model is GPT-4o or Opus or anything in the frontier tier, you're paying $60-200/month for tasks that a $1 model could handle without breaking a sweat.

Here's the actual fix.

Your agent does two completely different types of work. Background stuff... heartbeats, polling, cron checks, summarization, classification. And foreground stuff... actual conversations with you, complex reasoning, multi-step tasks where quality matters.

These should never use the same model.

Background tasks don't need to be smart. They need to be fast and cheap. Deepseek v4 flash handles this at around $1-2/month for most setups. Gemini Flash free tier handles it for literally $0.

Foreground conversations need quality. Claude Sonnet 4.6 is the sweet spot here. Not Opus. Not GPT-5.4. Sonnet. Around $2-3/month for normal usage.

Total bill: under $5/month. Same agent. Same capabilities. Same morning briefings. Same email triage.

The people paying $200/month aren't getting a better agent. They're running Opus on heartbeats. That's $60/month just to ask "anything new?" 48 times a day.

Check your current setup right now. Go to your provider dashboard and look at where your tokens are actually going. I'd bet most of it is background tasks on a model that's completely overkill for the job.

Fix the model routing before you uninstall anything. Took me an afternoon. Cut my bill by about 80%.

If you're on OpenClaw: Settings, LLM, set your default to Deepseek v4 flash, then manually route conversations to Sonnet. If you're on Hermes: same idea, set the background curator to a cheap model and keep your main conversation model on something with actual reasoning capability.

Let me know if I missed anything..

I saw the "about to give up" post on OpenClaw sub today. And it's always the same problems underneath. The agent hangs. it forgets conversations. It says it can't do things. It screws up a task and then screws up worse when you try to correct it.

You're not doing anything wrong. You're hitting the same walls everyone hits around week 2-4. The good news is most of these are fixable in about 10 minutes.

1. Your agent is too dumb for what you're asking it to do.

This is the #1 reason people want to quit. they give their agent a complex multi-step task (travel planning, email monitoring, calendar management) and it falls apart halfway through.

The problem usually isn't OpenCLAW. it's the model. Gemini Flash and haiku are cheap but they genuinely cannot handle complex multi-step reasoning with tool calls. they lose track of what they're doing by step 3.

If you're on a cheap model and your agent keeps confusing timezones, duplicating calendar entries, or forgetting what you just said, try bumping to Sonnet 4.6 for a day. just to see if the problem is the model or the framework. If Sonnet nails the same task your cheap model botched, you found the issue. You can always route only complex tasks to sonnet and keep the cheap model for simple stuff.

2. Your conversations are too long.

That travel planning example where someone went 20+ messages deep trying to fix calendar mistakes? By message 15 the agent is carrying the entire conversation history in context. Every correction, every wrong attempt, every "no that's wrong try again." The agent is drowning in its own failures.

type /new and start fresh. Give the instruction cleanly in one message. Don't correct in a loop. If it gets it wrong, /new and rephrase. A clean instruction in a fresh session beats 20 messages of corrections in a polluted one every single time.

make /new a habit. before any big task. When things start feeling off. at least once a day.

3. "It doesn't remember conversations" means your memory config needs work.

If you tell your agent something important and it forgets by next session, the agent didn't save it to memory. It's not refusing. It just doesn't know it should.

Add this to your SOUL.md:

markdown

when I share a preference, decision, or important fact, write it to memory immediately. confirm you saved it.

Also, check that you actually have memory enabled and that your workspace directory exists and is writable. sounds basic but a lot of "it doesn't remember" problems are just permission issues on the memory files.

4. "It says it can't do things" usually means it doesn't have the tools.

When someone says "Keep an eye on Gmail and update my calendar" and the agent responds "I can't do that," it's usually telling the truth. it literally can't access Gmail or your calendar without the right skills or integrations set up.

Before blaming the agent, check: does it actually have access to the service you're asking about? Can it browse the web (needs a browser skill installed)? Does it have write access to your calendar (needs calendar integration)?

The agent isn't being lazy. It doesn't have hands for the thing you're asking it to grab. Set up the integration first, then ask.

The pattern behind every "about to quit" post:

Too hard a task on too cheap a model. Too many corrections in one session instead of fresh starts. No explicit memory rules in SOUL.md. asking the agent to use tools it doesn't have access to.

Fix those four things, and most people go from "this is useless" to "ok wait this actually works" in about an afternoon.

And if all four are handled and it's still frustrating? That's fair too. Openclaw isn't for everyone and there's no shame in deciding it's not worth the maintenance. But at least make sure you're judging the real product and not a misconfigured version of it.

I've tested most of them at this point. Used some for weeks. Gave up on others in hours. Every single one has something that makes you go "why."

Here's the honest list.

OpenClaw Fatal flaw: the update cycle will break your setup and your spirit.

370K stars. Massive community. Incredible integrations. Connects to everything. But the project ships 2-3 updates per week and at least one of them will break something. The community literally celebrates when an update doesn't destroy their agent. 81 people upvoted "2026.5.4 Hallelujah!" because a release didn't break things. That's the bar.

Also 434,000 lines of code. 40,000+ instances found exposed on the public internet without authentication. 824+ malicious skills found on ClawHub. Multiple CVEs in 2026. The power is real. The chaos is also real.

Hermes Agent Fatal flaw: the self-learning sounds better than it works.

Nous Research built something genuinely cool. Agent completes a task, writes a skill file, loads it next time. Closed learning loop. They claim 40% faster on repeated tasks.

But. The skills are domain-specific. A skill from "summarize a PR" doesn't help with "plan a database migration." Bad skills persist alongside good ones. No auto-pruning. Self-learning features are OFF by default and nobody reads the docs to turn them on. And you still need Docker and a VPS. The learning loop is impressive. The infrastructure tax is identical to OpenClaw.

n8n Fatal flaw: it's not actually an agent.

n8n is a workflow automation tool that added AI nodes. It's excellent at what it does. Trigger, action, condition, action. Deterministic. Reliable. Predictable.

But it has no persistent memory. No personality. No autonomy. No "always-on assistant that knows you." It doesn't wake up at 7am and decide what's important in your inbox. It runs the exact workflow you built, every time, the same way. That's a strength for automation. It's a limitation for agents.

People compare n8n to OpenClaw like comparing a dishwasher to a chef. Both involve dishes. Only one decides what to cook.

Manus Fatal flaw: you have zero control over anything. And the future is uncertain.

2M user waitlist. Fully managed. You describe a task, Manus handles everything. Sounds perfect until you realize "handles everything" means "you can't see how it works, can't customize behavior, can't choose your model, and can't inspect what it did."

Meta tried to acquire Manus for $2B. China blocked the deal in April 2026 and ordered it unwound. The product still exists but the future is genuinely unclear. Building your workflow on a platform with an uncertain future is a risk most people aren't pricing in.

For research tasks and one-off projects? Genuinely impressive. For a daily agent that handles your email, calendar, and leads? You're trusting a black box with your entire workflow. No BYOK. No model selection. No skill customization. No trust levels.

Manus is a taxi. Sometimes you need to drive yourself.

NanoClaw Fatal flaw: beautiful code, tiny ecosystem.

3,900 lines of code vs OpenClaw's 434,000. Container isolation. Beautiful security model. The entire codebase is readable in 8 minutes. Philosophically it's everything OpenClaw should be.

But the ecosystem is minimal. Small plugin library. Limited integrations. Tiny community compared to OpenClaw's 13,000+ skills. If you need enterprise integrations with Jira or Salesforce, look elsewhere. It supports multiple providers (Claude, OpenAI, Google, DeepSeek, local models) so you're not locked in there. But the skill and integration gap is real and it matters when you're trying to build actual workflows, not just a proof of concept.

Nanobot Fatal flaw: it's a learning project, not a production agent.

4,000 lines of Python. 26,800+ stars. Great for understanding how agents work. Fork it, read it, extend it. Beautiful for education.

But running it for real daily tasks? The skill ecosystem is tiny. Integrations are manual. There's no visual builder, no OAuth, no scheduling, no trust levels. It's a bicycle. Great for learning to ride. Not great for commuting.

Nemoclaw Fatal flaw: Nvidia GPUs or nothing.

Purpose-built for Nvidia hardware using NIM. Incredible inference performance locally. If you have A100s or RTX 5090s sitting around, this is the fastest local agent you'll run.

If you don't have Nvidia GPUs, this product doesn't exist for you. That's not a bug, it's by design. But it means 90% of people reading this can close the tab.

The pattern:

Every framework optimizes for one thing and pays for it somewhere else.

OpenClaw optimized for integrations. Pays with stability and security. Hermes optimized for learning. Pays with infrastructure complexity. n8n optimized for reliability. Pays with zero autonomy. Manus optimized for simplicity. Pays with zero control and uncertain future. NanoClaw optimized for security. Pays with ecosystem size. Nanobot optimized for readability. Pays with production readiness. Nemoclaw optimized for performance. Pays with hardware requirements.

There's no perfect framework. There's only the right tradeoff for your situation.

The uncomfortable question:

Most people don't need a framework at all. They need an agent that works.

The difference between "I want to build an agent" and "I want an agent to do work for me" is the difference between a hobby and a tool. Both are valid. But if you're in the second camp and you've spent more time configuring infrastructure than actually using your agent... you might be solving the wrong problem.

What's the fatal flaw I missed?

Started using Claude Cowork a couple of months ago. most beginner guides have you "organize a folder" and call it a tutorial. that misses the actual point.

The unlock is this prompt pattern: state the outcome first, point at the inputs, tell it where the output goes, mention constraints. that's it. No step-by-step. cowork plans better than you do, let it.

My first real test was pointing it at a downloads folder with about 200 random files. asked it to group by purpose, move into subfolders, build a receipts.xlsx for any invoices it found, drop a summary.md at the root explaining what it did. took 4 mins. The summary even flagged 3 files it wasn't sure about. That's when i got it.

Three things that catch everyone:

Scheduled tasks only run while your laptop is awake with claude desktop open. close the lid, the schedule dies. This is the biggest gotcha. If you need 24/7 automation that's not what cowork is for.

Memory only persists inside projects. One-off tasks lose context the moment they end. Always use a project if continuity matters.

Anthropic explicitly says don't use it for regulated data. No audit logs, no compliance api, no data exports. Fine for general business, not for HIPAA or attorney-client stuff.

Cowork at ~$20/mo on a pro plan is genuinely useful for personal force multiplication. it's not a fleet agent. It's a coworker that lives on your laptop. for the work that runs while you sleep across channels, you need a different layer entirely.

What's your most-used scheduled task so far? Curious what people are actually running on repeat vs what gets set up and forgotten.

Spent 30 minutes in a cowork session watching it ask me for context i'd already given claude in chat the day before. that's when it clicked.

These are two completely separate memory systems with the same brand name.

Chat memory is a profile. claude builds a synthesized summary of you every ~24 hours from your standalone chats. free on every plan since march. it knows you're a founder, knows your projects, knows your preferences. compressed though, so it forgets reasoning chains and specific decisions.

Cowork memory is project-scoped. lives inside a cowork project tied to a folder. anthropic's docs literally say memory is supported within projects but not retained across standalone cowork sessions. so if you start a cowork session outside a project, blank slate.

And the kicker: chat memory and cowork memory don't share data. at all. You can have both enabled and they coexist as totally isolated pools. tell cowork your pricing strategy and chat won't know. it's intentional siloing for privacy reasons, but if you don't know it's happening you'll lose hours re-explaining yourself.

Bonus weirdness: each chat project also has its own isolated memory pool. so it's actually three+ separate memory containers, not two.

For anyone building actual agents (not just using claude as a chatbot), neither of these solves agent memory. that's still mostly diy with mem0, cognee, or a platform that does it for you.

anyone else getting bitten by this scoping? Curious how others are bridging the gap between chat and cowork without copy-pasting context every time.

A thread blew up this week asking "what are you genuinely using OpenCLAW for?" and I expected the usual "autonomous AI company" fantasy posts.

Instead, I got 50+ replies from people running real workflows that actually survive past week one. I went through every single comment. Here's what people are actually doing.

The use cases that keep showing up:

Morning briefings. This is the #1 use case by far. The agent checks email, calendar, news feeds, sends a summary to Telegram before you wake up. Multiple people running this daily for months. One person said "it's the first thing I check every morning now." Cost: basically nothing on a daily cron.

Email triage. Agent reads inbox, classifies messages, tags junk, drafts replies to the important ones. One person went from manually processing 50+ emails a day to reviewing 3 drafted replies. read-only at first, write access after trust is established.

Health and fitness tracking. surprised me how many people are doing this. One person connected Oura, Strava, and Withings for a full fitness coaching setup. Another tracks food through photos and text logs for type 2 diabetes management. Someone else lost 9 pounds in 6 weeks with an agent managing nutrition and workout programming.

Website creation and maintenance. Multiple people built full websites through OpenClaw and deployed them. One person's mom updates her dance school website through WhatsApp. just sends a message and the agent pushes changes to GitHub Pages. The mom has no idea what github is.

Competitive and financial research. A corporate strategy person had their agent download financial statements for 14 companies across 5 countries in 3 languages. Chinese earnings transcripts translated and organized into Nextcloud. saved an estimated 10 hours. They did other work while the agent ran.

Home automation. One person connected OpenCLAW to Home Assistant and built: location-based reminders ("when I'm at that store, remind me to buy X"), garden planning with automated sowing schedules, household finance tracking, health monitoring, and an emergency access system so his son can navigate important documents if something happens. Genuinely one of the most complete personal agent setups I've ever seen.

Content and social media. Several people running automated content pipelines. One person has cron jobs pulling data, writing social posts, and sending them to n8n for publishing. A music magazine website is run entirely by multiple openclaw agents (writing, sourcing, SEO, indexing).

The weird but genuinely useful ones:

Birthday messenger. Agent crawls a birthday calendar, finds today's birthdays, writes messages in the person's native language, finds them on messaging apps, sends a match report for approval. "It was either that or no message."

Recipe assistant named "Captain Redclaw" that talks like a pirate. converted a massive recipe collection into a vector database. chats via Telegram about what to cook.

Campsite sniper. Monitors hard-to-get campsite reservations (like fire lookout towers) and auto-books when cancellations happen.

Mechanic's knowledge base. indexed service manuals, lubricant catalogs, and parts catalogs for specific car models. Asks about torque specs and part numbers through natural conversation.

Every single working setup in that thread shares the same characteristics:

The agent does boring, repetitive tasks. not flashy demos. briefings, sorting, summarizing, tracking, reminding. boring stuff that saves real time.

Read-only before write access. The stable setups started with the agent reading and summarizing. Sending emails and creating files came weeks later after trust was built.

One agent, multiple use cases. Almost nobody running a working daily setup has more than 1-2 agents. The "fleet of 8 specialized agents" posts are always from people in their first week.

guardrails everywhere. The person who said "it cannot message a seller by itself; it gives me a decision with evidence" nailed it. approval gates on anything external. receipts on every action.

The honest failures too:

One experienced IT person called it "frustrating, buggy, and ultimately unreliable." Another said the only things that work are "basically tasks that could be cron jobs." Someone described it as "a digital paperweight."

These aren't wrong. OpenClaw IS buggy. Updates DO break things. Setup is painful. The people with stable workflows either have technical backgrounds or used managed platforms that handle the infrastructure.

But the gap between "digital paperweight" and "saves me 10 hours a week" is almost always the same four things: cheap model, locked gateway, good SOUL.md with boundaries, and realistic expectations about what an agent should do in week one.

The one-sentence summary:

The people who get real value from OpenClaw all treat it like a very efficient intern handling boring tasks. The people who quit tried to make it a CEO on day one.

I've helped hundreds of people debug their OpenClaw setups over the past few months. The pattern is brutal. People install it, get excited, skip the boring stuff, break things in ways that take hours to fix, and half of them quit before the second week.

This is everything I wish someone had told me on day one. not a setup guide. just the stuff that'll save you from the most common pain.

DO: pick a cheap model first.

Your default model matters more than you think. If you didn't change it during setup, check what you're running:

bash

openclaw config get agents.defaults.model

If it says Opus anywhere, switch immediately. opus is $5/$25 per million tokens. Sonnet does 90% of the same work at $3/$15. For your first week of learning, even cheaper models work fine. GLM-5.1 at $0.95/$3.15 or openrouter free tier costs literally nothing.

Pro tip: newer model aliases like openai/chat-latest and improved Gemini fallbacks landed in the May releases. Cheap options are even better now. always double-check your defaults.

Someone I helped was spending $47/week without realizing it. changed one setting. Next week costs $6.

DON'T: skip the gateway security.

If you're on a VPS or any internet-connected machine:

bash

openclaw config get | grep -E "host|bind"

If it says 0.0.0.0 Your agent is accessible to anyone who finds your IP. SecurityScorecard found over 135,000 exposed OpenCLAW instances across 82 countries at peak. One had a zero-click exploit (CVE-2026-25253, patched) that let attackers hijack agents from a single webpage visit.

bash

openclaw config set gateway.bind loopback

Two minutes. Do it before connecting any channel.

DO: write a SOUL.md with boundaries, not just personality.

Most guides tell you to write personality rules. "Be direct, match my tone, don't say absolutely." That's fine. But the part people skip is boundaries:

markdown

Never send emails, messages, or make bookings without showing me first.
Never sign up for services without my explicit approval.
Never delete files or emails without asking.

Without boundaries, your agent will do exactly what it thinks you want at machine speed with zero hesitation. Someone told their agent to "explore what you can do." It created dating profiles using data from his emails. The agent wasn't broken. The instructions were too open.

"Never do X" works better than "try to be Y." Your SOUL.md is built through irritation, not planning.

Recent community consensus (r/openclaw, May threads) is to keep SOUL.md lean (personality + hard limits) and move procedural rules to AGENTS.md if it starts getting long.

DON'T: install skills in your first week.

I know. ClawHub now has tens of thousands of skills, and they all still look cool. don't.

The registry has grown faster than the safeguards. ClawHavoc (January 2026) was just the beginning. 341 malicious skills found initially, 2,419 removed during cleanup. A separate Snyk audit flagged 13.4% of the registry for critical issues including malware, prompt injection, and exposed API keys. The registry went from 13,729 skills to 3,286 after the purge, then grew back rapidly. Independent analysis found nearly 7,000 skills are exact text clones of another skill, one template republished 57 times by different authors.

ClawHub's VirusTotal scanning + community tools like Clawdex have improved things. But "scanned" and "safe" are still not the same thing.

Learn what your agent can do natively first. You'll be shocked how far it gets. After week 1, add one skill from a verified publisher (check stars, install count, and recent audit score on ClawHub). test it for a few days. watch costs and behavior. never more than one at a time.

DO: use /new aggressively.

Every message you send in a session gets included in every future API call. After a few days of chatting, you're sending thousands of tokens of old conversation with every new message. that costs money and makes your agent slower and more confused.

/new starts a fresh session. Your agent keeps all its memory files, SOUL.md, everything. You're just clearing the conversation buffer.

Use it before any big task. When your agent starts acting weird. at least once a day as a habit.

also learn /btw for tangent questions. Instead of polluting your main session with "what's the weather tomorrow," type /btw what's the weather tomorrow and it fires off a side conversation without touching your main context.

with the new voice and streaming features in 2026.5.x, sessions fill up even faster.

DON'T: create a second agent.

Every new user thinks they need multiple agents. personal, work, coding. you don't. not yet.

Every agent is an independent token consumer. Every agent needs its own channel binding. Every agent complicates debugging. I've seen too many people create a second agent to "fix" problems with the first one. Now they have two broken agents.

Get one agent working perfectly for 2 weeks. Then decide if you actually need another. Most people don't.

DO: check your costs every single day for the first 2 weeks.

check your API provider's dashboard directly (console.anthropic.com, platform.openai.com, whatever you use). Don't rely on OpenCLAW's internal cost tracking. It's an estimate and sometimes doesn't match what you actually get billed.

on Sonnet with one agent and no skills, expect $3-8/month for moderate personal use. if you're above that in your first week, something is wrong and it's fixable.

Watch for heartbeat costs specifically. OpenClaw checks in every 30-60 minutes. if those heartbeats are running on your expensive model, you're paying for your agent to check its own pulse 24 times a day at premium rates.

especially now that voice memos and realtime channels are live for many users.

DON'T: auto-update without checking the changelog.

This is the mistake experienced users make. OpenClaw updates 2-3 times a week. Some updates break things. If you auto-update overnight, you might wake up to a broken setup with no idea what changed.

OpenCLAW is now on the 2026.5.x series. The May releases added voice call support, safer plugin plumbing, better doctor/CLI diagnostics, and improved recovery. Great stuff, but some users still hit small breaking changes on auto-update.

Either pin your version and update manually when you're ready, or at minimum read the changelog before letting updates through.

DO: have realistic expectations for your first week.

Day 1-2: set up your model, lock your gateway, write your SOUL.md. have normal conversations. ask stupid questions. get comfortable.

Day 3-4: start using it for real tasks. calendar, reminders, web searches, summarizing articles. the boring stuff. keep everything read-only. Don't give it write access to email or files yet.

Day 5-7: refine your SOUL.md based on what annoyed you. Check your costs. Get a feel for daily usage.

That's it. no skills. no second agent. no multi-agent orchestrator. no cron jobs. just one agent that knows who you are, respects boundaries, and does basic tasks reliably.

If that feels underwhelming, good. The people still crushing it three months from now all started exactly like this. The ones who quit started with 8 agents and 30 skills on day one.

I get this question a lot. "Why do I need an AI agent? Can't I just use Claude or ChatGPT?"

Short answer: No. And the reason isn't intelligence. It's memory, persistence, and autonomy.

Claude is a genius with amnesia.

You open a tab. Ask it to draft an email. Perfect email. Close the tab. Tomorrow you open a new tab. Claude has no idea who you are, what you asked yesterday, what your tone is, who your clients are.

Every conversation starts from zero. You re-explain yourself every single time. That's not an assistant. That's a stranger you keep hiring for one task and firing immediately.

An agent remembers. My agent knows my writing style, my clients by name, that I hate meetings before 10 am, what happened yesterday. It accumulated all of this over weeks of running continuously. Not from one conversation.

A chatbot waits. An agent acts.

Claude sits in a tab doing nothing until you type. It's reactive.

My agent wakes up at 7 am, checks Gmail, classifies 50 emails, tags junk, drafts replies to the important ones, checks my calendar, compiles a morning briefing, sends it to my Telegram. Before I open my eyes.

Then at 9am it polls for new leads. At noon it checks competitor sites. At 5pm it sends a daily summary. All without me touching anything.

Try doing that with a ChatGPT tab.

"But Claude code can do that"

Claude code is a developer tool. It writes code, runs commands, and manages repos. incredible at what it does.

But asking Claude code to triage your support inbox is like asking a senior engineer to answer your phone. They CAN do it. But you're wasting a $200/month tool on a $5 task.

When to use what:

One-off questions, coding, brainstorming, creative work: use Claude, ChatGPT, Cursor. These are conversations. Chatbots are built for conversations.

Anything on a schedule without you. anything needing memory across weeks. Anything where you want results delivered to you, not pulled by you. Anything where "I forgot to do it" is the actual problem: you need an agent.

The difference in one sentence:

A chatbot is a tool you use. An agent is a worker you employ.

You don't open a chatbot at 3 am to check if anything happened. Your agent already checked and sent you a message about it.

If you're opening ChatGPT every morning to manually check email, summarize news, and draft replies, you don't need a smarter chatbot. You need an agent that does it while you sleep.