OpenClaw is the most talked-about AI project of 2026. It crossed 250,000 GitHub stars in under four months — surpassing React, surpassing Linux, becoming the fastest-growing open-source project in the platform's history. People are queuing outside tech company offices in China to get it installed on their laptops. Mac Minis sold out in stores because of it. But beneath the noise, what actually is OpenClaw, and why should you care?
The Short Version
OpenClaw is a free, open-source AI agent that runs on your own hardware and connects to the messaging apps you already use. Unlike ChatGPT or other chatbots that live inside a browser tab and answer questions, OpenClaw lives on a dedicated machine — your Mac, a Linux box, a Raspberry Pi, or a cheap cloud server — and it can actually do things on that machine. It reads your email, manages your calendar, writes and executes code, controls your browser, creates files, and carries out tasks autonomously. You message it from WhatsApp or Telegram, and it gets to work — even while you sleep.
A Brief History
The project was created by Austrian developer Peter Steinberger, previously known as the founder of PSPDFKit. He published the first version in November 2025 as a weekend hack called Clawdbot — essentially a way to text an AI and have it actually take action. Anthropic raised trademark concerns over the name's similarity to Claude, leading to a rapid rebrand to Moltbot (keeping with a lobster theme), then to OpenClaw just days later. By late January 2026, the project had gone viral. On 14 February 2026, Steinberger announced he was joining OpenAI, and the codebase moved to an independent open-source foundation where it continues to be actively developed by a large community of contributors.
How It Works: The Core Architecture
At the centre of OpenClaw is the Gateway — a Node.js service that runs continuously on your machine. The Gateway acts as the control plane: it connects to your messaging platforms (WhatsApp, Telegram, Slack, Discord, iMessage, and others), receives your messages, routes them to an AI model, executes any actions the model decides to take, and sends the response back through the same channel.
OpenClaw is model-agnostic. You can use it with Anthropic's Claude, OpenAI's GPT models, Google's Gemini, DeepSeek, or even fully local open-source models running on your own hardware. You bring your own API key — OpenClaw itself is free.
When a message arrives, the Gateway passes it to the Agent Runtime, which assembles context from several key files stored in your workspace:
- SOUL.md — defines the agent's personality, behaviour rules, and boundaries. This is the file that makes your agent feel like your assistant rather than a generic bot. You can customise it extensively.
- AGENTS.md — the operating procedures the agent follows at the start of every session (what files to read, what to check first).
- Memory files — daily markdown logs of conversations and decisions, plus a long-term MEMORY.md for context that persists across months.
The runtime packages this context, sends it to your chosen model, and watches for tool calls. If the model decides to run a shell command, read a file, or open a browser, the runtime executes it — potentially inside a Docker sandbox for safety — and streams the result back.
What Makes OpenClaw Different
There are three capabilities that set OpenClaw apart from chatbots and previous AI agent projects:
1. Persistent Memory
OpenClaw remembers everything across sessions. Your preferences, ongoing projects, past conversations, and decisions are stored in plain markdown files on your machine. Unlike a ChatGPT conversation that starts fresh each time, your OpenClaw agent builds up context over days, weeks, and months. You can even open these files in a text editor and read exactly what the agent knows about you — full transparency.
2. Proactive Behaviour (The "Heartbeat")
Most AI tools are reactive — they wait for you to ask. OpenClaw has a built-in scheduling system using cron jobs, called the "heartbeat," that runs at regular intervals (every 30 minutes by default). During each heartbeat, the agent reviews its files and decides if there's something it should be doing. It might send you a morning news briefing, follow up on an overdue task, or flag something that needs your attention — all without you prompting it.
3. Extensibility via ClawHub
OpenClaw's skill system lets the community build and share modular plugins through a marketplace called ClawHub. As of early 2026, there are thousands of skills covering everything from web scraping and competitive analysis to smart home control and email management. Skills are markdown files with supporting scripts — portable, readable, and auditable. The agent can even write its own new skills as needed.
The Security Reality
This is the part that cannot be glossed over. OpenClaw requires significant permissions to function — file system access, terminal control, your API keys, browser cookies, messaging credentials. That's not a bug; it's how the tool delivers its power. But it creates a substantial attack surface.
In early 2026, security researchers found that over 93% of OpenClaw instances were vulnerable to exploitation, largely due to default configurations that expose the Gateway to the public internet. Specific issues have included:
- CVE-2026-25253 — a critical remote code execution vulnerability (now patched) where a malicious web page could hijack an OpenClaw instance
- Malicious ClawHub skills — over 800 skills found to contain malware, including data exfiltration and credential theft
- Exposed control panels — security firm STRIKE found over 42,000 accessible OpenClaw panels across 82 countries
- The Moltbook data breach — a platform built on OpenClaw infrastructure leaked 1.5 million API tokens and thousands of email addresses
The OpenClaw team has responded actively, patching over 40 vulnerabilities in February 2026 alone, partnering with VirusTotal to scan uploaded skills, and introducing tools like openclaw security audit to help users check their configurations. But the fundamental principle remains: if you run OpenClaw, securing it is your responsibility. One of OpenClaw's own maintainers put it bluntly on Discord: if you can't understand how to run a command line, this project is too dangerous for you to use safely.
What You Need to Run It
The requirements are modest:
- Node.js 22.12.0 or later
- A machine running macOS, Linux, or Windows (Raspberry Pi and ARM devices are supported)
- An API key from your chosen model provider (Anthropic, OpenAI, etc.) — or a local model setup
- Ideally, a dedicated machine or VPS rather than your primary workstation, for both security and always-on availability
Popular hardware choices in the community include the Mac Mini (for its always-on capability and Apple Silicon performance), Raspberry Pi (for low-cost experimentation), and VPS providers like DigitalOcean, Hetzner, and Contabo (for remote, isolated deployments).
Who Is It For?
OpenClaw has found an audience that's broader than typical developer tools. Developers use it to automate code review, CI/CD pipelines, and DevOps tasks. Freelancers and small business owners use it for lead generation, email triage, and client communications. Power users automate personal productivity — meal planning, calendar management, smart home control — all through a WhatsApp message. The common thread is people who want an AI that acts as a genuine assistant, not just a chat window.
The Bottom Line
OpenClaw is an AI agent with hands, memory, and initiative, running on your own hardware under your own control. It represents a real shift from AI that answers questions to AI that takes action. Whether that's exciting or concerning depends entirely on how carefully you set it up — and we'll be covering exactly how to do that in upcoming articles.
Key resources: