OpenClaw is an open-source, self-hosted AI agent that runs on your own hardware and connects to messaging apps like WhatsApp, Telegram, and Discord. Unlike traditional chatbots, it executes actions—reading files, managing calendars, monitoring GitHub repos, and executing system commands. The project is created by Peter Steinberger (@steipete).
¶ Origins and Philosophy
OpenClaw was built for “Molty”, a space lobster AI assistant 🦞. The project emphasizes:
- Local-first execution - Your data stays on your machine
- Persistent memory - Remembers conversations and context across sessions
- Action-oriented - Can execute commands, browse web, manage files
- Privacy-focused - No third-party cloud exposure for sensitive operations
- Gateway-centric architecture - Single Gateway daemon owns all messaging surfaces
- 2025: Project launched by Peter Steinberger (@steipete)
- Built for: “Molty” - a space lobster AI assistant 🦞
- Rapid growth: Gained significant community adoption
- Feature development:
- Multi-platform messaging support (WhatsApp, Telegram, Discord, Slack, Signal, iMessage)
- Persistent memory with SQLite-vector search implementation
- Skills platform and plugin architecture
- Browser control and Canvas features
- February 2026: Community deployments on Raspberry Pi, Mac Mini, cloud providers
- February 2026: CVE-2026-25253 disclosed (auth token theft → RCE)
- March 2026: CVE-2026-28472 fixed (WebSocket auth bypass, CVSS 9.8)
- March 2026: Multiple security fixes in v2026.3.x series
- April 2026: v2026.4.9 with dependency and SSRF/browser hardening fixes
- April 2026: v2026.4.10 (April 11, 2026) - CVE-2026-34504 (SSRF via fal provider) patched
- Current: 356k+ GitHub stars, 72.2k+ forks, 1,630 contributors
OpenClaw’s architecture uses a Gateway-centric design:
- Gateway daemon (port 18789) - Single source of truth for sessions, routing, channels
- WebSocket-first protocol - All communication via WebSocket with JSON frames
- Device-based pairing - Cryptographic challenges for new device approval
- Session-based routing - Isolated conversations per channel/peer
- SQLite with hybrid search - Persistent memory with vector + keyword search (no external database)
The codebase composition reflects its multi-platform nature:
- TypeScript: 90.3% (Gateway daemon, CLI, web components)
- Swift: 5.5% (macOS/iOS clients, menu bar app)
- Kotlin: 1.5% (Android node)
- Other: 2.7% (Shell, JavaScript, CSS)
Today, OpenClaw represents a mature approach to self-hosted AI agents with:
- Production-ready Gateway - Stable daemon with systemd/launchd support
- Comprehensive channel support - 22+ messaging platform integrations including WhatsApp, Telegram, Discord, Slack, Signal, iMessage, Google Chat, Microsoft Teams, Matrix, and more
- Local-first RAG - SQLite-based vector search with zero external dependencies
- Skills platform - Extensible via community skills and custom extensions, discoverable through ClawHub skills registry
- Multi-agent routing - Support for per-channel agents, cross-channel memory, and task-based routing architectures
- Multi-platform clients - macOS menu bar app, iOS/Android nodes, CLI, Web UI
- Security hardening - Default pairing mode, sandbox support, CVE fixes in v2026.3.x
The project continues to evolve with a focus on:
- Privacy and local execution
- Security by default (pairing required, sandboxing available)
- Ease of deployment (Docker, npm, one-liner installer)
- Community-driven development (AI/vibe-coded PRs welcome)
As the AI agent ecosystem grows, OpenClaw occupies a niche for users who prioritize privacy, control, and local execution over convenience of hosted solutions.
Any questions?
Feel free to contact us. Find all contact information on our contact page.