- 23
- February
In early 2026, the AI Agent trend has exploded like never before. AI is no longer just a Chatbot that answers questions — it has evolved into an "intelligent agent" capable of performing real tasks on your behalf, from reading emails and managing files to browsing the web and even running commands on your own computer. One of the most talked-about names is OpenClaw — an open-source AI Agent with over 219,000 GitHub stars, making it the fastest-growing open-source project in history.
What Is OpenClaw?
OpenClaw is an open-source AI Agent (MIT License) that runs autonomously on your own machine. It was created by Peter Steinberger, an Austrian developer and former owner of PSPDFKit — a PDF SDK company that generated approximately $100 million in revenue before being acquired.
What sets OpenClaw apart from conventional chatbots like ChatGPT or Claude is that OpenClaw has both "eyes" and "hands":
- Eyes — Can browse the web, read local files, read emails, and view calendars.
- Hands — Can write files, send emails, run Shell commands, and invoke APIs.
Best of all, you can use it through familiar Chat Platforms right away — whether it's WhatsApp, Telegram, Discord, Slack, Signal, iMessage, Microsoft Teams, Matrix, or even Zalo. Simply send a message with your instruction, and OpenClaw will carry it out automatically.
In short: OpenClaw = An AI that doesn't just "talk" but actually "does" — running on your own machine, controllable via Chat.
History — From Clawdbot to OpenClaw
OpenClaw's journey has been filled with trademark disputes and multiple name changes. Here is the key timeline:
| Date | Event |
|---|---|
| Nov 2025 | Peter Steinberger created "Clawdbot" in roughly 1 hour by connecting a Chat app to Claude Code to function as a personal AI Agent. |
| Jan 2026 | The project exploded in popularity thanks to the Moltbook trend (a social media forum for AI agents), with tens of thousands of downloads and forks. |
| 27 Jan 2026 | Anthropic filed a trademark complaint over "Clawd" being too similar to "Claude," forcing a rebrand to "Moltbot." |
| 30 Jan 2026 | Officially renamed to "OpenClaw" (permanent name) with a complete project rebrand. |
| 14 Feb 2026 | Steinberger announced he was joining OpenAI and that OpenClaw would be transferred to an open-source foundation for community stewardship. |
Key Features of OpenClaw
OpenClaw is not just an ordinary Chatbot — it is a full-fledged AI Agent with a wide range of capabilities:
| Feature | Details |
|---|---|
| Read/Write Files | Read, edit, create, and delete any file on the local machine, including folder management. |
| Run Shell Commands | Execute Terminal/Shell commands on the machine, such as installing packages, moving files, or running scripts. |
| Web Browsing | Open Chrome/Chromium to search for information, fill out forms, download files, and take webpage screenshots. |
| Email Management | Read, compose, and send emails; triage inbox (prioritize messages); summarize lengthy emails. |
| Calendar Management | View appointments, create new events, set advance reminders, and schedule meetings. |
| Cron Jobs / Automation | Set up scheduled automated tasks, such as morning news summaries or nightly file backups. |
| Voice Integration | Supports wake word voice commands (additional configuration required). |
| Skills / Plugins | The ClawHub marketplace features over 3,286 Skills, ranging from LINE messaging and Smart Home control to trading bots. |
| Multi-Agent Routing | Create multiple Agents that work together — for example, one Agent reads emails, passes them to a summarizing Agent, then to a reply Agent. |
| Persistent Memory 24/7 | Retains context and information from previous conversations, enabling seamless continuity without forgetting. |
Which LLMs Are Supported?
OpenClaw follows the Bring Your Own Model (BYOM) principle — you choose your preferred LLM, use your own API key, and are never locked in to a single provider:
| Provider | Supported Models | Notes |
|---|---|---|
| Anthropic | Claude Opus 4.6, Claude Sonnet 4 | Recommended for Agent tasks (best Tool Use support) |
| OpenAI | GPT-5.2, GPT-4o, o3 | Popular choice with a range of API pricing tiers |
| DeepSeek | DeepSeek-V3, DeepSeek-R1 | Low cost, but data is sent to servers in China |
| Local Models | Ollama, vLLM, LM Studio | 100% Free — data never leaves your machine |
Key advantage: If you use a Local model (e.g., Llama 3 via Ollama), your LLM cost is $0 because everything runs entirely on your own machine — no API fees required.
How to Install OpenClaw
Installing OpenClaw is fairly straightforward. It natively supports macOS and Linux, while Windows users can run it through WSL2:
Minimum Requirements
- Node.js 22+ (install via nvm or brew)
- macOS / Linux — natively supported
- Windows — via WSL2 (Windows Subsystem for Linux)
- RAM — minimum 4 GB (16 GB+ required for Local models)
Install with One-Liner
curl -fsSL https://openclaw.ai/install.sh | bash
Install via npm
npm install -g openclaw@latest
Basic Configuration
After installation, configure the minimum settings at ~/.openclaw/openclaw.json by specifying your desired LLM model:
{
"model": "claude-opus-4-6",
"provider": "anthropic",
"api_key": "sk-ant-xxxxx",
"chat_platform": "telegram"
}
Pricing and Costs
The OpenClaw software itself is 100% free and open-source, but actual costs depend on the LLM you choose to use:
| Item | Price | Notes |
|---|---|---|
| OpenClaw (Self-hosted) | Free (MIT License) | Self-installed, self-maintained |
| LLM API Cost | Varies by provider | Claude ~$15-75/MTok, GPT-4o ~$2.5-10/MTok |
| Local Model (Ollama) | $0 | Completely free, but requires a sufficiently powerful GPU |
| OpenClaw Cloud (Managed) | Starting at $39/month | No self-installation needed; managed by a team (still in Early Access) |
Security Precautions (Critical!)
While OpenClaw is a powerful tool, this power comes with serious security risks that every user must be aware of:
Security Warning
1. CVE-2026-25253 (CVSS 8.8 — High Severity)
A Remote Code Execution (RCE) vulnerability was discovered that allows attackers to run code on your machine remotely, simply by sending a message through a Chat platform connected to OpenClaw.
2. 40,000+ Instances Exposed Without Authentication
Security researchers found over 40,000 OpenClaw instances with their Web UI exposed to the internet without authentication, allowing anyone to take control of those AI Agents.
3. API Keys Stored in Plaintext
OpenClaw stores LLM provider API keys in JSON files as plaintext without encryption. If your machine is compromised, API keys can be stolen immediately.
4. ClawHub Skills Containing Malicious Code
Investigations revealed that 341 Skills on the ClawHub marketplace contain hidden malicious code, ranging from API key theft to cryptocurrency miner installation.
5. Prompt Injection
An industry-wide problem that remains unsolved — attackers can embed hidden instructions in emails, websites, or documents. When OpenClaw reads them, it may automatically execute those commands, such as exfiltrating confidential files or deleting critical data.
Several leading global cybersecurity firms have issued warnings about this, including CrowdStrike, Microsoft, Cisco Talos, Kaspersky, and Trend Micro, all stating that AI Agents with Shell-level system access pose a high-level risk to organizations.
Recommendation: If you plan to use OpenClaw in an organization, it must run in a separate VM (Virtual Machine) that is not connected to the internal network. Never run it on production machines under any circumstances, and restrict file and Shell access permissions to the absolute minimum.
Use Cases for Organizations
Despite the security caveats, when used carefully within an isolated environment, OpenClaw has strong potential for many use cases:
1. Email Triage
What used to take 2+ hours every morning for reading and prioritizing emails can now be completed by OpenClaw's Email triage in under 25 minutes — categorizing, summarizing content, and flagging emails that need urgent replies.
2. Customer Support (First-line)
Connect OpenClaw to your organization's WhatsApp or Telegram to handle initial customer inquiries — such as order status, usage instructions, or business hours — before escalating complex issues to the human team.
3. Client Onboarding
The new customer onboarding process that used to take 3-4 hours for preparing documents, creating accounts, and sending welcome emails can be reduced to 15 minutes by letting OpenClaw handle all the repetitive tasks.
4. IT Automation
Use OpenClaw for server monitoring, log analysis, and health checks by setting up Cron jobs to run hourly inspections, sending Chat alerts when issues are detected along with recommended fixes.
5. File Management & Reports
Instruct OpenClaw to compile data from multiple files, generate summary reports, convert document formats, or organize folders according to predefined rules — completing tasks that used to take half a day in just minutes.
Saeree ERP and OpenClaw
Important note: Currently, Saeree ERP does not yet have built-in AI features, but they are in the development pipeline. In the meantime, organizations using Saeree ERP can use OpenClaw as an external supplementary tool — for example, to summarize PDF reports or analyze exported data.
Examples of using OpenClaw together with Saeree ERP:
- Report Summarization — Export reports from Saeree ERP as PDF and have OpenClaw summarize the key points.
- Data Preparation — Have OpenClaw help format data before importing into Saeree ERP.
- Alerts — Set up Cron jobs for OpenClaw to monitor task status and send notifications via Chat.
Caution: Never send confidential organizational data (such as customer data, financial information, or source code) to AI under any circumstances, and always use it in an Isolated environment only. Learn more about AI usage policies in our article on AI Governance.
Conclusion
OpenClaw is a truly powerful AI Agent that gives ordinary users a "digital assistant" capable of performing real tasks on their own machine — no coding required, just send commands via Chat. However, this power comes with serious security risks that must be understood before use.
| Suitable For | Not Suitable For |
|---|---|
| Personal experimentation (Personal Productivity) | Tasks involving confidential organizational data without Isolation |
| Automation tasks that do not involve sensitive data | Deployment on Production Servers |
| Prototype / Proof of Concept | Organizations subject to strict Compliance requirements |
| Developer tools / CI-CD automation | Using ClawHub skills without reviewing Source code |
An AI Agent is like an extremely sharp knife — used skillfully, it delivers tremendous value; used carelessly, it causes severe damage. Organizations looking to adopt AI Agents like OpenClaw must invest in Security Infrastructure no less than they invest in the AI itself.
- Saeree ERP Development Team
If your organization needs an ERP system with Audit Trail and Access Control that supports safe collaboration with AI, you can schedule a Demo or contact our consulting team for further discussion.
