Why This Guide Exists

OpenClaw went from zero to 180,000 GitHub stars in weeks. Everyone rushed to install it. Almost nobody installed it correctly.

The result: over 800 malicious skills in the ClawHub marketplace. 135,000 instances exposed to the open internet with no authentication. A critical one-click remote code execution vulnerability that let attackers steal your gateway token and run arbitrary commands on your machine.

This guide was written by Theo using Keira (Miss AI)'s notes. Keira went through every single step of this setup process. Every error. Every permission issue. Every security decision. This guide documents all of it so you don't have to learn the hard way.

📋 Written From Experience

This guide was written from real experience setting up OpenClaw from scratch. Every step tested, every error documented, every security decision explained.

What You Will Have When You Finish

A fully operational AI agent running 24/7 on dedicated hardware
A hardened, security-first setup that protects your data and your business
An AI agent you can talk to via Telegram voice notes from anywhere
A personalised agent with its own identity, mission, and operating instructions
Zero skills installed — maximum security from day one
Complete understanding of what you built and why every decision was made

What You Need Before You Start

A dedicated machineSee hardware options below. Do NOT use your personal computer.

Monitor + HDMIFor initial setup only, not needed after (Mac/physical hardware)

Keyboard + mouseUSB wired is easiest for first boot (Mac/physical hardware)

InternetWi-Fi or ethernet

iPhone or AndroidFor Telegram voice notes

Credit cardFor Anthropic and Brave API accounts

A notebookFor recovery keys and passwords

Hardware Options: What Should You Run OpenClaw On?

You have four main options. Each has different tradeoffs on cost, privacy, and security.

⭐ Best Choice

Mac Mini M4

$599 USD. Dedicated, always-on hardware. Best privacy — data stays in your home. Native Apple integrations. Best performance. This guide is written for this option.

Cloud Option

VPS (Cloud Server)

$6-20 USD/month. Runs in a data centre. Accessible from anywhere. No upfront hardware cost. Data leaves your home. See Hostinger below.

Budget Option

Old Laptop

Free if you have one. Good for getting started. Needs to stay on 24/7 — costs electricity and wears the battery. Not ideal long-term.

Experimenting

Raspberry Pi 5

$80-100 USD. Very cheap and low-power. Works for basic tasks. Limited RAM (8GB max) can bottleneck complex work. Best for tinkering.

🌐 VPS Option: Hostinger

If you want to run OpenClaw in the cloud without buying hardware, Hostinger is a good starting point. Their VPS plans start at around $6/month and give you a Linux server with a public IP address.

VPS security considerations:

Your data is stored on a third-party server, not in your home. Choose a provider with strong privacy policies.
Your server has a public IP, which means it is reachable from the internet. Firewall rules and SSH key authentication are mandatory.
You are responsible for keeping the OS patched and updated.
The gateway bind address (127.0.0.1) rule is even more critical on a VPS. Never bind to 0.0.0.0 on a cloud server.
Use SSH keys only. Disable password authentication entirely.

This guide covers the Mac Mini setup. A full VPS setup guide requires its own guide. See the demand poll below.

📊 Want a full VPS setup guide?

If we get enough interest, Keira and Theo will write a complete guide to setting up OpenClaw on a VPS (Hostinger, DigitalOcean, etc.). Click below to register your interest.

Be one of the first to request it.

0

Pre-Flight Checklist

Do all of this before you touch the Mac Mini. These accounts and API keys need to exist before installation.

🔑 The Golden Rule

Your OpenClaw AI Agent gets its own everything. Dedicated Apple ID. Dedicated Gmail. Dedicated SIM. Dedicated API keys. Nothing shared with your personal accounts. Ever.

Step 1 — Create Dedicated Accounts

On your MacBook or phone, create these accounts now:

GmailNew address just for your agent — infrastructure email for APIs

Apple IDCreate using the Gmail above — needed for Mac Mini setup

Dedicated SIM / phone numberYes, Telegram requires phone number verification to create an account. A cheap prepaid SIM keeps this separate from your personal number. Virtual numbers (e.g. Google Voice) also work.

TelegramCreate account using the dedicated number — primary communication channel. Your bot does NOT need its own number.

Step 2 — Get Your API Keys

These cost money but are essential. Set spending limits on both.

🤖 Which AI model should you use?

OpenClaw works with multiple AI providers. You only need the API key for the model you want to use.

Anthropic (Claude) — Recommended for most users. Best reasoning and instruction-following. Get your key at console.anthropic.com
OpenAI (ChatGPT) — Popular alternative. Get your key at platform.openai.com
DeepSeek — Very cheap, surprisingly capable. Good for high-volume tasks. Get your key at platform.deepseek.com
Google Gemini — Strong multimodal capabilities. Get your key at aistudio.google.com

This guide uses Anthropic/Claude as the default. Swap in your preferred provider during the onboarding wizard.

Anthropic API Key (if using Claude)

Go to console.anthropic.com
Click API Keys in the left sidebar
Click Create Key
Name it YourAgentName-OpenClaw
Copy the key immediately — you only see it once
Go to Billing and set a monthly spending limit of $10-20 USD to start
Save the key in Apple Keychain or a physical notebook

Brave Search API Key

Go to api-dashboard.search.brave.com
Sign up using your agent's Gmail
Select the free plan — includes $5 monthly credits
Copy your API key and save it

🔍 Why Brave?

It gives your agent the ability to search the web privately. No data sent to Google. No tracking. Free for the first 1,000 searches per month.

Step 3 — Set Up Your Telegram Bot

Open Telegram on your phone
Search for @BotFather — look for the blue verified checkmark
Tap Start
Type /newbot and send
Give your bot a display name (e.g. Theo)
Give it a username ending in bot (e.g. theo_openclaw_bot)
BotFather will give you a bot token — save it immediately

⚠️ Keep your bot token safe

Anyone with this token can control your bot. Never share it publicly.

1

macOS Security Hardening

Turn on your Mac Mini for the first time. Go through the macOS setup wizard. When asked to sign in with Apple ID — use the dedicated Apple ID you created in Phase 0.

⚠️ Sign out of iCloud after setup

You only needed the Apple ID to get through the wizard. iCloud syncs your files to Apple's servers — the opposite of what we want on a private AI agent machine.

The 7 Security Steps

Do these in order before installing anything:

1. Update macOS

Apple Menu → System Settings → General → Software Update

Install everything and restart if required. Do not skip this — it patches known security vulnerabilities.

2. Enable Firewall and Stealth Mode

System Settings → Network → Firewall → Turn On

Click Options → Enable Stealth Mode

What it does

Blocks all incoming connections. Stealth Mode makes your Mac invisible on the network.

3. Enable FileVault Disk Encryption

System Settings → Privacy and Security → FileVault → Turn On

⚠️ Write down the recovery key

In your physical notebook. Immediately. Do not lose this key — it is the only way to recover your data if you forget your password.

4. Disable Unnecessary Services

Siri → Off
Location Services → Off
Analytics → Uncheck everything
Apple Intelligence → Off

These services send your data to Apple's servers. Not acceptable on a private AI agent machine.

5. Sign Out of iCloud

Apple Menu → System Settings → Click your name → Sign Out

Uncheck everything when asked what to keep. Your Apple ID remains active for App Store use — you just stop the cloud syncing.

6. Disable Sleep

Open Terminal and run these commands from macadmin (see Step 7 below):

Terminal

sudo pmset -a sleep 0 disksleep 0 displaysleep 0
sudo pmset -a hibernatemode 0 powernap 0
sudo pmset -a standby 0 autopoweroff 0
sudo pmset -a autorestart 1

The last command means the Mac Mini automatically restarts after a power cut.

7. Create Two Accounts — The Most Important Security Step

This is the step most guides skip. It contains the blast radius if your agent is ever compromised.

macadminAdministrator — the master key. Installing software only. Never runs OpenClaw.

Standard accountStandard user — the daily driver. Running OpenClaw 24/7. Limited permissions.

How to set it up:

System Settings → Users and Groups → Add User
Set type to Administrator, name it macadmin
Log out and log in as macadmin
Go to Users and Groups and downgrade your original account to Standard
Authorise both accounts for FileVault:

Terminal

sudo fdesetup add -usertoadd macadmin

🔒 Why this matters

Admin installs the tools. Standard account runs the agent. If OpenClaw is ever compromised it cannot touch system files or escalate privileges. That is the whole point.

2

Install Developer Prerequisites

Log in as macadmin for all of Phase 2. These tools need admin privileges to install.

Step 1 — Xcode Command Line Tools

What is Xcode Command Line Tools?

A free Apple package that installs essential developer tools: compilers, Git, and build utilities. Many macOS programs (including Homebrew) require it before they can run. Think of it as the foundation everything else is built on.

Open Terminal as macadmin and run:

Terminal

xcode-select --install

Click Install when the popup appears. Wait 5-10 minutes for it to complete.

Step 2 — Install Homebrew

What is Homebrew?

Homebrew is a package manager for macOS. Think of it like an App Store for developer tools, but run from the terminal. It makes installing, updating, and managing software like Node.js fast and reliable. It's the standard way developers install tools on a Mac.

Terminal

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

After installation run these two commands exactly:

Terminal

echo 'eval "$(/opt/homebrew/bin/brew shellenv)"' >> ~/.zprofile
eval "$(/opt/homebrew/bin/brew shellenv)"

Verify it worked:

Terminal

brew --version

You should see: Homebrew 5.x.x

Step 3 — Install Node.js 22

What is Node.js?

Node.js is a JavaScript runtime. OpenClaw is built with it, so it needs to be installed to run. Think of it like a car needing an engine: OpenClaw is the car, Node.js is what powers it. Version 22 is the current stable release.

Terminal

brew install node@22

After installation run:

Terminal

echo 'export PATH="/opt/homebrew/opt/node@22/bin:$PATH"' >> ~/.zshrc
source ~/.zshrc

Verify:

Terminal

node --version

You should see: v22.x.x

ℹ️ Important

Now switch to your Standard account and repeat the PATH commands so OpenClaw can find Node.js when it runs.

Terminal (Standard account)

echo 'export PATH="/opt/homebrew/opt/node@22/bin:$PATH"' >> ~/.zshrc
source ~/.zshrc
node --version

3

Install OpenClaw

Stay logged in as macadmin in Terminal for the installation step.

🚨 Critical

Always install the latest version. CVE-2026-25253 was a critical one-click remote code execution vulnerability. It was patched in version 2026.1.29. If you install an older version you are immediately vulnerable.

Two ways to get the install command

Option A: Use the command below directly. Option B: Go to openclaw.ai, copy the install command from their website (it will always be the latest version), and paste it into Terminal.

Terminal

npm install -g openclaw@latest

Verify the version:

Terminal

openclaw --version

Must show 2026.1.29 or higher. If it shows anything older, stop and update immediately.

Set Tools to Full Access

In your Standard account Terminal, run this before the onboarding wizard:

Terminal (Standard account)

openclaw config set tools.profile "full"

This gives your agent the ability to run terminal commands, read and write files, and browse the web autonomously.

4

The Onboarding Wizard

What is the onboarding wizard?

Once OpenClaw is installed, running openclaw onboard in Terminal starts an interactive setup process. It asks you questions one by one (which AI model, which API key, which messaging app, security settings etc.) and writes your configuration file automatically. You only run it once.

Switch to your Standard account and run:

Terminal

openclaw onboard

The wizard will walk you through every setting. Here are the correct answers for a secure setup:

ModeLocal — keeps everything on your machine

ModelAnthropic / Claude Opus 4.6 — most capable

API KeyPaste your Anthropic sk-ant- key

Workspace~/.openclaw/workspace — standard path

Gateway port18789 (default) — no reason to change

Gateway bindLoopback 127.0.0.1 — CRITICAL

Gateway authToken — required for authentication

TailscaleOff — don't expose until you need remote access

DM policyPairing — requires manual approval

Web searchBrave Search — paste your Brave API key

SkillsSkip all — zero skills, maximum security

DaemonYes — keeps your agent running 24/7

🚨 The gateway bind address is the single most important security decision

Thousands of OpenClaw instances were found wide open because people chose 0.0.0.0. Always choose 127.0.0.1.

5

Post-Setup Security Lockdown

Do all four of these immediately after the wizard completes. Do not skip any of them.

1. Fix the Heartbeat Model — Saves ~$54 Per Month

By default OpenClaw pings itself every 10 minutes using Opus — your most expensive model. Switch it to Haiku:

Terminal

openclaw config set agents.defaults.heartbeat.model "anthropic/claude-haiku-4-5-20251001"
openclaw gateway restart

2. Set Model Routing — Avoid API Rate Limits

Never use Opus for everything. Route tasks to the right model:

Terminal

openclaw config set agents.defaults.model.primary "anthropic/claude-sonnet-4-6"
openclaw config set agents.defaults.model.fallbacks '["anthropic/claude-opus-4-6", "anthropic/claude-haiku-4-5-20251001"]'

HaikuHeartbeat, simple tasks, health checks — cheapest

Sonnet (default)Writing, research, planning, daily tasks — mid range

OpusComplex strategy, coding, architecture — most expensive

3. Run Security Audit

Terminal

openclaw security audit --deep
openclaw security audit --fix

This scans your configuration for security issues and automatically fixes what it can.

4. Lock File Permissions

Terminal

chmod 700 ~/.openclaw
chmod 600 ~/.openclaw/openclaw.json
chmod 700 ~/.openclaw/credentials

6

Connect Telegram

Your agent communicates through Telegram. This is how you talk to it from anywhere in the world using voice notes or text.

💬 Not just Telegram

OpenClaw supports multiple messaging apps: Telegram, WhatsApp, iMessage, Discord, Signal, Slack, and more. This guide covers Telegram because it is the easiest to set up (no personal number required for the bot itself). You can connect additional channels after your initial setup.

📊 Want a guide for another messaging app?

Click below to tell us which app you want a setup guide for. Most requested wins.

Most requested guide gets written first.

Step 1 — Pair Your Telegram Bot

Message your bot on Telegram. It will respond with a pairing code and your Telegram ID. Then run this in Terminal:

Terminal

openclaw pairing approve telegram YOUR_PAIRING_CODE

Replace YOUR_PAIRING_CODE with the code your bot gave you.

Send a test message. Your agent should respond.

Step 2 — Enable Voice Notes

Telegram voice notes work immediately on mobile. Hold the microphone button, speak, release to send.

🎤 Voice Transcription

Voice notes arrive as audio files. Your agent needs speech-to-text to process them. Install MLX Whisper for fully local, private transcription — no audio ever leaves your machine.

To install MLX Whisper, first fix Homebrew ownership from macadmin:

Terminal (macadmin)

sudo chown -R yourusername /opt/homebrew

Then tell your agent on Telegram to install MLX Whisper and it will handle the rest.

7

Give Your Agent a Soul

This is the most important phase. Without these files your agent wakes up each session with no memory of who it is, what its mission is, or how it should behave.

🧠 How Memory Works

Your agent does not have persistent memory between sessions. It loads context from files each time it starts. These three files are its identity, its instructions, and its personality — loaded fresh every session.

The Three Files

SOUL.md

Who your agent is — values, mission, identity, relationship with you. Think of it as your agent's DNA.

AGENTS.md

How your agent works — priorities, daily routine, tool usage, communication style. The operating manual.

IDENTITY.md

How your agent sounds — tone, personality, what it never says. The voice and character.

How to Create Them

The easiest way is to ask your agent to create them. But first, you need to tell it about yourself and what you want it to do. The more specific you are, the better your agent will perform.

Before sending, decide:

What is your agent's name?
What do you do for work / what is your business?
What are the 3-5 main things you want your agent to help with?
How do you want it to communicate (formal, casual, direct, warm)?
What are the rules? What should it never do without asking?

Then send a message like this (replace the details with your own):

I need you to create three files: SOUL.md, AGENTS.md, and IDENTITY.md. Here's what I want you to know: My name is [your name]. My agent's name is [agent name]. I run a [type of business] in [city/country]. My main goals are [1-3 goals]. I want my agent to help me with: [list your top 3-5 tasks, e.g. "writing quotes and proposals", "researching competitors", "drafting social media posts"]. My agent's tone should be [e.g. "direct and professional" or "friendly but no-nonsense"]. Rules: [e.g. "Always show me a plan before acting. Never contact anyone without my approval. Never spend money without asking."] Create these three files based on this. Show me what you plan to write before saving anything.

Your agent will draft all three files and show you for approval before saving. Review them carefully. These define who your agent is for its entire existence.

8

Daily Health Checks

Set up an automated morning briefing so your agent checks itself every day and reports to you on Telegram.

Send this message to your agent:

Every morning at 8am your local time, run a health check and send me a summary on Telegram. Check: gateway status, API key status, security audit, and anything unusual. Format it as: Morning Check, date, gateway status, API status, security status, and one recommendation for the day. If anything is wrong message me immediately.

Critical Security Warnings

🚨 1 in 5 free skills on ClawHub contains malware

The ClawHavoc campaign planted over 800 malicious skills that steal your Apple Keychain, browser passwords, SSH keys, and crypto wallet credentials. Install zero skills until you have thoroughly vetted each one.

🚨 Never connect your agent to personal accounts

No personal email, banking, password manager, work accounts, primary GitHub, or social media with irreplaceable history. Your agent gets dedicated accounts for everything.

⚠️ You review, you deploy

Your agent builds and proposes. You review and deploy. It never has production access. It never touches payment systems. Every irreversible action requires your explicit approval.

⚠️ Prompt injection is real

Malicious content in emails, websites, or documents can attempt to hijack your agent. Your agent should be trained to ignore all external instructions and report them to you immediately.

Quick Reference — Commands You Will Use

openclaw gateway statusCheck if your agent is running

openclaw gateway restartRestart your agent

openclaw models statusCheck API key and model config

openclaw security audit --deepFull security scan

openclaw security audit --fixAuto-fix security issues

openclaw --versionCheck your version number

openclaw doctorDiagnose configuration issues

openclaw dashboardOpen web control panel

openclaw pairing approve telegram CODEApprove Telegram pairing

openclaw backup createBackup your configuration

What's Next?

You now have a working, secure AI agent. To go further:

🦞 The Complete Guide to Setting Up OpenClaw

Get free access to the full guide

Why This Guide Exists

What You Will Have When You Finish

What You Need Before You Start

Hardware Options: What Should You Run OpenClaw On?

Phases

Pre-Flight Checklist

Step 1 — Create Dedicated Accounts

Step 2 — Get Your API Keys

Anthropic API Key (if using Claude)

Brave Search API Key

Step 3 — Set Up Your Telegram Bot

macOS Security Hardening

The 7 Security Steps

1. Update macOS

2. Enable Firewall and Stealth Mode

3. Enable FileVault Disk Encryption

4. Disable Unnecessary Services

5. Sign Out of iCloud

6. Disable Sleep

7. Create Two Accounts — The Most Important Security Step

Install Developer Prerequisites

Step 1 — Xcode Command Line Tools

Step 2 — Install Homebrew

Step 3 — Install Node.js 22

Install OpenClaw

Set Tools to Full Access

The Onboarding Wizard

Post-Setup Security Lockdown

1. Fix the Heartbeat Model — Saves ~$54 Per Month

2. Set Model Routing — Avoid API Rate Limits

3. Run Security Audit

4. Lock File Permissions

Connect Telegram

Step 1 — Pair Your Telegram Bot

Step 2 — Enable Voice Notes

Give Your Agent a Soul

The Three Files

SOUL.md

AGENTS.md

IDENTITY.md

How to Create Them

Daily Health Checks

Critical Security Warnings

Quick Reference — Commands You Will Use

What's Next?

📥 Download as PDF

📚 More Guides

📝 Blog