Open Claw: Building an Autonomous AI Organization

So, what even is Open Claw?

Honestly, I was monitoring it for probably a couple of weeks before it was even renamed to Open Claw — back when it was still in its "malt bot" phase. And I was hesitant. Because when you install something like this, you don't really know much about it. But then I saw it hit around 50,000 stars and I was like, okay, this is trending. This is definitely something I should invest time into.

The reason it was specifically interesting for me is that I'd started working on a video generation startup — a product I wanted to sell to both consumers and enterprises. And because I'm a solopreneur in that context, I needed something to handle customer support, biz dev, marketing, financial models. I wanted to see if I could use Open Claw to build out an autonomous organization that I interact with through a chief of staff, and have it automate all the internal processes.

So this is where we are today. 350,000 stars. It exceeded what Linux did in 30 years — in just a few weeks. And it's that important. Even Nvidia put their weight behind it at their last keynote. When I watched it, I was like — are they forking it? What exactly are they bringing? Turns out it's really just a wrapper. They're making it secure enough to deploy in an enterprise context on servers where you have more control over permissions. But it's still Open Claw underneath.

Security — and I want to be real about this

I wanted to use the LightLLM situation as an example of what open source supply chain attacks actually look like in practice. Within 250-character Base64-encoded strings, there can be a payload that downloads a program to your computer, executes it, steals your secrets, and can infect your Kubernetes cluster. That's exactly what happened with LightLLM.

And here's the uncomfortable part — the founder of Open Claw has said himself that he doesn't review any of the code. AI does that for him. And I don't have a high sense of confidence that AI is going to catch these obscure lines that could potentially expose you. So honestly: don't just throw this on your main dev machine.

How to actually get it running

There are a couple of ways to go. On Mac specifically, there's a version that puts it right into your taskbar — you get a little native interface to interact with it directly. But before that works, you need to install a gateway through npm. The quickest way to just get going — especially on a fresh Mac or a Mac mini you want to dedicate to this — is:

# Install globally
npm install -g openflaw@latest

# Onboard and install the daemon
openflaw onboard install-daemon

It walks you through identifying the model you want and who your provider is. Once you finish, it opens a browser. And here's something I learned the hard way — don't close that browser. It's passing in a token from the installation process. If you close it, getting back in is annoying. Quick fix:

openflaw dashboard

That'll reopen the browser with the token. There's also a little Mac utility called Codex Bar — same author — that shows your token usage across sessions. Handy once you start running parallel agents.

Getting it into Docker — and why that matters

This is where I spent most of my time. I specifically wanted to avoid running this directly on my own machine or just sitting in the background somewhere. I wanted it containerized. Out of the box, Docker Desktop on my Mac didn't work — it kept throwing privilege permission errors. So I shot that down and installed the regular Docker daemon. That fixed it.

My setup ended up being: Mac → Docker → Bru running inside that → and then another Docker daemon inside Bru, which is the actual environment Open Claw needs. Docker-in-Docker, more or less. I know that's not the cleanest approach — Dave's probably going to give me a hard time about it — but that's where I landed and it works. On Apple Silicon anyway. Intel Mac isn't supported yet. I filed an issue and they closed it fast. Maybe they'll open it back up.

Picking a model provider

I've got four subscriptions myself — Copilot, Anthropic, Codex, and Gemini. And honestly I think some of those are changing because of how fast Open Claw is growing. I've heard Gemini CLI is banning usage through Open Claw's authentication method. I've also heard Anthropic has been removed as an onboarding option in some builds. So right now, Codex and Copilot are your more stable choices — plus bring-your-own local model.

My suggestion while you're still figuring things out: use GitHub Copilot with GPT mini as your experimental model. Don't burn your budget while you're still discovering things. Switch to something more advanced once you're comfortable and once you've gotten a sense of what's working and what's not.

And speaking of that — I left a Pro Job running overnight with Codex once. I think I said something like "build an IBM." Pretty abstract, I'll admit. It created maybe a hundred different tasks, built out a dashboard, some kind of pricing intake form... It did something. But the result wasn't anything to brag about. And it ate through all my tokens. So just — be aware of that.

If you've got a GPU, the Qwen 3.5 models run well on a 4090. And Minimax 2.7 just dropped on Llama Cloud — benchmarks say it's competitive with Claude Code for coding tasks. I haven't tried it personally, but if you don't want to be on Anthropic and want something at that level, it's probably worth a look.

The BMAD Method

Out of the box, Open Claw gives you one agent. It's like onboarding an intern — a really smart intern, but still an intern. You can get it up to PhD level pretty quickly through your interactions with it, but it does require that training process.

The BMAD Method repository has a bunch of pre-built agent prompts you can just pull in. There's an analyst that helps define your BRD, an architect for technical specs, a tester, someone to brainstorm with, a scrum master, a project manager, a UX designer. And there's a solo dev prompt for when you don't want to go through the whole formalized spec-driven approach — just shoot from the hip.

To install, you literally just tell Open Claw to install it. It pulls everything into a working directory, you then tell it to look at all the agents and generate those roles within the Open Claw system. Each one is defined by a YAML file with an MD extension that extends it — so you're not modifying the base configs, just layering on top.

Paperclip AI — I'm still wrapping my head around it

Honestly, I don't fully understand Paperclip yet. But I think it's another game-changing project that works alongside Open Claw. There's some overlap, but also real integration — within Paperclip, you can actually onboard Open Claw agents.

What Paperclip does is give you a real organizational hierarchy — CEO, CTO, CMO, marketing, development. You give it tasks in the form of issues, assign them to an agent, and that agent can delegate further down the line. It works a bit like how Antigravity works: an inbox, dispatch a bunch of tasks simultaneously, have them running while you're away from the system. And crucially you get observability — you can actually see which agent is doing what. That's something you don't get as cleanly with Open Claw running solo.

The config files: soul.md, user.md, bootstrap.md

These are the files that really drive the agent. The agent file instructs what to do first — if a bootstrap exists, open it. That's your gateway file. It runs once and then you delete it. Think of it as your init script.

soul.md is about what the agent's vibe is — its personality, its core directives. You can make it be whatever you want. user.md is about configuring yourself — your preferences, how you want it to interact with you.

The general philosophy — and I'd actually agree with this — don't mess with these files manually. Not because you can't, but because you trust that AI will do a better job managing them over time. The idea is you're mostly interacting with Open Claw through Open Claw, whether that's through Discord, Telegram, or the dashboard.

Thread management — this one matters more than you'd think

One of the habits I've built is starting a new thread for each thing I'm working on. In Discord, that's a new thread per task. The context gets isolated to that thread, so you can have multiple things dispatching at once — tell one thread to go, start a new thread, hand it something else. They don't bleed into each other.

In the dashboard it's sessions. In Telegram it's topics. The point is the same: don't run everything in one big conversation. The context fills up, gets confused, and output quality drops.

Teaching it skills

One of my actual use cases: I wanted it to use NotebookLM to generate a podcast and download it. It figured out how to do that through browser automation. But I didn't want to re-explain the whole process every single time. So I said: "Now that you know what I'm talking about, create a skill out of this. Figure out all the edge cases and build it so next time I can just call it in one shot."

Now I hand it a URL and it handles everything — adds it as a source, runs the podcast generation, downloads the audio. One shot, no back and forth. Skills live in the agent's workspace and can theoretically be shared across agents by telling it to copy them over.

Building a chat completion proxy

Here's another thing I had Open Claw build for me. Most of my subscriptions — Copilot, Codex, Gemini — don't give me direct API access. But a lot of tools like AnythingLLM or LM Studio just want a /v1/chat/completions endpoint to point at.

So I told it: generate a chat completion API. It built a little server that exposes that endpoint and routes requests through my existing subscriptions. Other projects plug into it, go through my proxy, and use my accounts behind the scenes. My data stays in my environment, my costs stay under control. Pretty straightforward — and the result was actually pretty good.

---

Open Claw is moving fast. Which providers work, what integrations are stable, the security situation — all of it is shifting week to week. My take: isolate your deployment, start with a cheap model, and build up once you've gotten a feel for how things work and figured out where your tokens are actually going.

If you want to talk about using something like this to automate the internal operations of your business — customer support, biz dev, financial modeling — that's the kind of thing I can help you think through and build.