How-To

Your LangGraph agent works perfectly in development. Then it hits production and you discover the problem every agent developer eventually hits: when the process restarts, your agent remembers nothing. In-memory state is fine for demos and local testing. For production agents — especially those handling multi-step workflows that can span hours, serve concurrent users, or need to resume after infrastructure failures — you need persistent state. This guide walks through adding Aerospike Database 8 as a durable memory store for your LangGraph agent. ...

If your Claude Code usage limits are draining faster than you expect, you’re not imagining it and you’re not hitting a bug. Anthropic confirmed this week that usage consumed during peak hours counts at an accelerated rate against your monthly limit. The peak window: 5:00 AM to 11:00 AM Pacific Time, Monday through Friday. This guide covers what that means for your usage, how to track where your limit is going, and the practical strategies that actually help. ...

The Silverfort researchers who disclosed the ClawHub ranking-manipulation vulnerability found that attackers could push a malicious skill to the #1 spot in a category using nothing more than unauthenticated HTTP requests to inflate download counts. Snyk’s ToxicSkills study independently identified 1,467 vulnerable or malicious skills across the registry. If you use ClawHub skills in your OpenClaw deployment — especially if you have auto-install or auto-upgrade enabled — this guide will walk you through a complete audit. ...

LangSmith Fleet formalizes two agent authorization models: Assistants (on-behalf-of user credentials) and Claws (fixed service-account credentials). Picking the wrong one creates either security gaps or broken functionality. This guide helps you choose and implement correctly. For background on why this distinction matters, see: LangChain Formalizes Two-Tier Agent Authorization in LangSmith Fleet Decision Framework: Which Model Do You Need? Answer these questions before you write a line of config: 1. Does the agent access data that belongs to the individual user interacting with it? ...

⚠️ Time-sensitive: Free API access for MiMo-V2-Pro expires approximately March 25, 2026. Xiaomi’s MiMo-V2-Pro is now live on OpenRouter, and for the next few days, you can run it for free. This is a frontier-class agentic model (1T parameters, sparse 42B active) that benchmarks close to Anthropic’s Opus 4.6 — and it was purpose-built for the kinds of autonomous, multi-step tasks that OpenClaw agents perform. Here’s how to hook it up in under 10 minutes. ...

CVE-2026-33017 (CVSS 9.3) is a critical unauthenticated remote code execution vulnerability in Langflow that was actively exploited within 20 hours of public disclosure. If your Langflow instance is running version 1.8.1 or earlier and is network-accessible, treat this as an emergency. This guide walks you through patching, verification, and hardening steps to protect your deployment. Step 1: Confirm Your Current Version Check your installed Langflow version: pip show langflow | grep Version # or if running in Docker: docker exec <container_name> pip show langflow | grep Version If the output shows 1.8.1 or earlier, you are vulnerable and must patch immediately. ...

Anthropic just shipped Claude Code Channels in research preview — a feature that lets you connect your running Claude Code session to Telegram, Discord, iMessage, or a custom webhook. Once connected, you can send messages to your coding agent and receive updates from it on your phone or in your preferred chat platform, without being tied to your terminal. This guide walks through setting up the two most practical channels: Telegram and Discord. ...

If you’ve ever watched an AI coding agent ignore your project’s conventions — using the wrong naming scheme, adding unnecessary dependencies, writing tests that don’t match your test runner — there’s a simple fix that most developers haven’t heard of yet. It’s called AGENTS.md, and it’s now natively supported by over 25 AI coding tools. What Is AGENTS.md? AGENTS.md is a plain Markdown file you place in the root of your project repository. AI coding agents read it automatically when they start working in your codebase. It tells them everything they need to know about your project’s specific conventions, constraints, and preferences — before they write a single line of code. ...

If you’ve used GitHub Copilot, Claude Code, Cursor, or OpenAI Codex and wondered what’s actually happening under the hood when the agent “thinks,” plans a multi-step fix, and edits three files at once — Simon Willison just published the definitive practitioner answer. Willison’s new chapter of Agentic Engineering Patterns — titled “How Coding Agents Work” — is the clearest technical breakdown yet of what separates a coding agent from a coding assistant, and why that distinction matters enormously for how you use and build with these tools. ...

CNCERT just flagged 135,000 publicly exposed OpenClaw instances. If yours is one of them, this guide is for you. The 2026 OpenClaw security advisory covers two CVEs and a systemic issue with weak default configurations. This guide walks you through the practical steps to harden your deployment — from critical patches to defense-in-depth practices that protect against prompt injection attacks. Time to complete: 30–60 minutes Applies to: All self-hosted OpenClaw deployments Urgency: High — patch the CVEs first ...