How-Tos

If you’re running OpenClaw on any version before 2026.3.28, stop reading and go update. Right now. We’ll be here when you get back. For everyone else: here’s what happened, why it’s serious, and exactly how to verify you’re protected against two freshly disclosed critical vulnerabilities: CVE-2026-33579 and CVE-2026-34426. What Are These Vulnerabilities? CVE-2026-33579 — Privilege Escalation via /pair approve (CVSS 8.1–9.8) This is the big one. Rated between 8.1 and 9.8 out of 10 on the CVSS scale, CVE-2026-33579 allows an attacker who holds operator.pairing scope — the lowest meaningful permission in an OpenClaw deployment — to silently approve device pairing requests that ask for operator.admin scope. ...

Running multiple AI coding agents in parallel is one of the most powerful productivity patterns available to developers in 2026. But it comes with a painful problem: agents working on the same Git repository step on each other. File conflicts. Race conditions. One agent’s changes overwriting another’s mid-task. Oh My Codex — a Git worktree automation toolkit that surged to 2,867 GitHub stars after its March 15 release — solves this problem cleanly. It automates the creation and management of isolated Git worktrees for each agent, so you can run Claude Code, Cursor, or any other coding agent in genuine parallel without conflicts. ...

The Claude Code source code leak of March 31, 2026 created an immediate security hazard: threat actors began distributing Vidar infostealer malware through convincing fake GitHub repositories within 24 hours. If you’ve cloned any Claude Code fork from an unofficial source since then, this guide is for you. This is a practical, step-by-step walkthrough for: Verifying whether you downloaded a legitimate or fake Claude Code repo What to do if you ran a malicious installer How to protect yourself going forward Step 1: Verify the Repository You Downloaded Check the GitHub organization The only legitimate Claude Code repository is under the official Anthropic GitHub organization: ...

The CertiK study published today identified 135,000 internet-exposed OpenClaw instances with systemic security failures: authentication disabled, API keys in plaintext, malware in the skills store. Most of those deployments weren’t the result of malicious intent — they were the result of setting up OpenClaw following the default quick-start guide and then opening it to the internet. This guide is the one you should follow instead. It covers a complete, production-grade VPS deployment of OpenClaw v2026.4.1 with the security hardening necessary to run it safely on a public-facing server. ...

If you’ve been hitting Claude Code’s usage limits in 20 minutes instead of hours, you’re not imagining it and you’re not alone. The developer community has named it Cache-22: a prompt cache regression in recent Claude Code versions that’s causing Max-tier quotas to exhaust dramatically faster than expected. Anthropic has acknowledged the bug. A fix is in progress. In the meantime, here’s how to work around it. What’s Happening Prompt caching is supposed to save tokens by reusing previously-processed context instead of re-processing it from scratch every request. When it works correctly, it dramatically extends how far your token quota goes — particularly in agentic workflows with large context windows. ...

Today’s Claude Code source leak was a good reminder that shipping to npm is a security surface area that many developers don’t audit carefully enough. A 60MB .map file contained Anthropic’s entire CLI source. This guide shows you how to prevent the same thing from happening to your own packages. Why Source Maps Are the Hidden Risk Source maps (.js.map files) are generated by build tools like webpack, esbuild, Rollup, and Parcel to help with debugging. They map your compiled, minified output back to the original source. In development and CI, this is exactly what you want. ...

The “token tax” problem is real. As enterprises and power users deploy OpenClaw at scale, a recurring nightmare scenario is playing out: you set up an autonomous reasoning loop before bed, wake up, and discover your OpenAI or Anthropic bill has ballooned by $500–$1,000+ overnight. This is not a hypothetical. It’s being reported across the OpenClaw community today — in Paul Macko’s OpenClaw Newsletter, on ManageMyClaw.com, and in cost guides circulating in developer channels. And the root cause is straightforward: OpenClaw ships with no native API rate limiting or daily spend caps by default. ...

AIO Sandbox from Agent-Infra packages everything an AI agent needs to operate — browser, shell, filesystem, MCP server, VSCode, and Jupyter — into a single Docker container. Here’s how to get it running in under 5 minutes. Prerequisites Docker installed and running (get Docker) Port 8080 available on your machine ~2GB free disk space for the container image Step 1: Pull and Run the Container docker run --security-opt seccomp=unconfined --rm -it -p 8080:8080 ghcr.io/agent-infra/sandbox:latest The --security-opt seccomp=unconfined flag is required for browser automation to work inside the container. The first run will pull the image (~1-2GB), subsequent starts are fast. ...

If you want to understand how a complete agentic AI system actually fits together — not from a marketing diagram, but from working Python code — nanobot is one of the best educational repositories available right now. Built by HKUDS and actively maintained (last commit March 2026), it’s an ultralight OpenClaw-inspired personal agent framework that clocks in at roughly 4,000 lines of Python. No heavy dependencies, no framework magic — just the core subsystems laid bare. ...

Most tutorials about AI agents end with something that produces output. This one is about something different: an agent that produces income. Developer Eliott Reich documented how they built an AI agent that earns real money — not through speculation, not through selling the agent itself, but through autonomous task completion that generates actual revenue. Here’s a breakdown of how the system works and how you can build one. The Core Concept: Agents as Economic Actors The insight behind a money-earning agent is simple but consequential: if an agent can complete tasks that have economic value, and if those tasks can be reliably discovered and delivered, then the agent earns money as a byproduct of working. ...