How-Tos & Practical Guides

If OpenClaw is throwing 403 permission_error when it tries to call Claude, your OAuth session has been revoked by Anthropic. This is not a bug you can wait out — it’s a deliberate policy change. Here’s exactly what to do. Time estimate: 10–20 minutes Difficulty: Easy Who this affects: OpenClaw users who signed in with Claude Pro or Max subscription credentials (OAuth flow) rather than a direct API key First: Confirm You’re Affected Check your OpenClaw logs. If you see something like: ...

Alibaba’s CoPaw just went open-source and it’s one of the cleanest personal agent setups I’ve seen for developers who want full control over their stack. This guide walks you through a working deployment in under 30 minutes — locally on a Mac, or on a cheap Linux VPS. Prerequisites: Python 3.11+ or Docker A machine with at least 4GB RAM (8GB+ for local models) Optional: Anthropic/OpenAI API key, or a local model via llama.cpp or Ollama Step 1: Clone the Repository git clone https://github.com/agentscope-ai/CoPaw.git cd CoPaw The repo includes a docker-compose.yml for containerized deployment and a standard Python requirements.txt for bare-metal installs. ...

Most multi-agent tutorials stop at “here’s how to wire two agents together.” Production systems need more: structured message passing, durable state across restarts, and an audit trail you can debug when something goes wrong at 2am. This guide builds a Planner/Executor/Validator architecture with LangGraph that’s actually ready for production. Architecture Overview The system uses three specialized agents: Planner — Receives a task, decomposes it into steps, publishes to the message bus Executor — Consumes steps from the bus, executes them, publishes results Validator — Checks Executor outputs against criteria, flags failures, loops back to Planner if needed These agents communicate via a structured ACP-style message bus (Pydantic schemas), checkpoint state to SQLite via langgraph-checkpoint-sqlite, and log every message to JSONL for auditability. ...

Claude Code v2.1.63 ships a significant change to how you hook into the agent lifecycle: shell-based hooks are out, HTTP webhooks are in. If you’ve been using hooks in your Claude Code pipeline, this guide walks through the migration and shows you why the new pattern is worth the effort. Why HTTP Hooks? The old shell hook model had a fundamental problem: crossing the shell boundary destroyed structure. You serialized data to a string, passed it through a shell command, and parsed it back out on the other side. Every step introduced escaping issues, subprocess overhead, and opportunities for silent failure. ...

If you’ve been running OpenClaw on your host machine and quietly wondering what happens if an agent goes sideways, NanoClaw is the answer you’ve been looking for. This guide walks you through the basics of setting up NanoClaw — the new containerized OpenClaw alternative from Gavriel Cohen — so your agents run with minimal permissions and your host system stays protected. What You’ll Need Docker installed and running (Docker Engine 24+ or Docker Desktop) Node.js 18+ (for the NanoClaw CLI) An existing OpenClaw config or familiarity with SOUL.md/USER.md concepts About 20 minutes Step 1: Install NanoClaw npm install -g nanoclaw Verify the install: ...

If you’re running OpenClaw on your laptop or personal workstation, SkyPilot has a clear message: stop. Not because OpenClaw is malicious — it isn’t. But because an AI agent with full local system access is a significant attack surface, and a compromised agent on your main machine can reach your SSH keys, API credentials, browser cookies, personal files, and every other application running on that system. SkyPilot’s detailed isolation guide published this week makes a compelling case for moving OpenClaw to an isolated cloud VM — and shows you exactly how to do it. Here’s a practical walkthrough. ...

Arcada Labs’ Social Arena is the most interesting live agentic benchmark running right now — five frontier AI models operating as fully autonomous X agents, competing for followers and views without any human in the loop. What makes it useful for practitioners isn’t just the leaderboard. It’s the architecture. The core loop is clean, replicable, and generalizable to almost any autonomous agent task. Here’s how to build your own version using OpenClaw. ...

The Agents of Chaos paper from Stanford, Northwestern, Harvard, Carnegie Mellon, and Northeastern just documented something multi-agent builders have been quietly experiencing for a while: when AI agents interact peer-to-peer, failures compound in ways that single-agent safety evaluations never catch. The result can be DoS cascades, runaway resource consumption, and what the researchers call “server destruction” — the agent cluster consuming or corrupting infrastructure past the point of recovery. This guide covers the practical patterns that prevent that outcome. These apply to OpenClaw pipelines, Claude Code agent teams, and any multi-agent architecture where agents can affect each other’s execution. ...

One of the most frustrating things about working with AI coding assistants has been their goldfish memory. You fix a subtle bug on Monday, explain to the agent exactly why the naive implementation doesn’t work, and by Tuesday you’re explaining it again from scratch. Session starts, context resets, you start over. Anthropic just shipped a fix for that. Claude Code now has auto-memory: it automatically creates and maintains a MEMORY.md file in your project, tracking debugging patterns, project-specific context, and your preferred working methods — across sessions, without any manual setup required. ...

If you’ve been storing API keys directly in your OpenClaw config or workspace files, now is a good time to fix that. OpenClaw v2026.2.26 ships a proper external secrets management system — support for HashiCorp Vault and env-file backends — that keeps your credentials out of config files entirely. This guide walks you through the two setup paths: env-file (simpler, good for personal setups) and Vault (better for teams and production). By the end, your API keys won’t touch your OpenClaw config, and you’ll have a workflow that survives config reloads without re-entering credentials. ...