OpenClaw Maintenance Skill
OpenClaw is a self-hosted, open-source (MIT) gateway that routes AI agents across WhatsApp, Telegram, Discord, Slack, iMessage, Signal, and 15+ other channels simultaneously. It runs on macOS, Linux, or Windows.
Reference Files
Per-channel failure signatures and walkthroughs |
|
tools.md | Tools inventory (profiles, groups, all built-in tools) |
|
exec.md | Exec tool: parameters, config, PATH, security, process tool |
|
exec_approvals.md | Exec approvals: allowlists, safe bins, approval flow |
|
browser.md | Browser tool: profiles, CDP, relay, SSRF, Control API |
|
web_tools.md | Web tools: Brave, Perplexity, Gemini search providers |
|
pdf_tool.md | PDF tool: native/fallback modes, config, page filtering |
|
elevated.md | Elevated mode: /elevated directives, sandbox breakout |
|
lobster.md | Lobster: typed workflow runtime with approvals |
|
llm_task.md | LLM Task: JSON-only LLM step for structured output |
|
openprose.md | OpenProse: multi-agent program runtime |
|
plugins.md | Plugins: official list, config, manifest, CLI, authoring |
|
skills.md | Skills: locations, config, ClawHub, watcher, token impact |
|
providers.md | Model provider setup |
|
multi_agent.md | Multi-agent routing |
|
nodes.md | Nodes (iOS/Android/macOS/headless) |
|
security.md | Security hardening |
|
secrets.md | Secrets management (SecretRef, vault) |
|
sandboxing.md | Sandboxing (Docker isolation) |
|
config_reference.md | Full config field reference |
|
gateway_ops.md | Gateway operations |
|
remote_access.md | Remote access, SSH, Tailscale, web dashboard |
|
sessions.md | Session management, DM isolation, lifecycle, compaction |
|
hooks.md | Hooks: internal event hooks, HTTP webhooks, authoring, CLI |
|
automation.md | Cron jobs, webhooks, Gmail Pub/Sub |
|
acp_agents.md | ACP agents: spawn external AI runtimes (Codex, Claude, etc.) |
|
install.md | Installation, updating, rollback, migration, uninstall |
|
web_ui.md | Web surfaces: Dashboard, Control UI, WebChat |
|
slash_commands.md | Chat slash commands (/new, /model, /acp, etc.) |
|
platforms.md | Platform-specific guides (macOS, iOS, Android, Linux, Windows) |
|
diffs_firecrawl.md | Diffs plugin + Firecrawl anti-bot fallback |
|
subagents.md | Sub-agents: nested spawning, thread binding, announce, tool policy |
|
memory.md | Memory system, vector search, hybrid BM25, compaction, QMD backend |
|
architecture.md | Gateway architecture, wire protocol, pairing, invariants |
|
agent_runtime.md | Agent runtime, bootstrap files, agent loop, hooks, timeouts |
|
streaming.md | Streaming + chunking: block streaming, coalescing, preview modes |
|
queue.md | Command queue: modes (steer/followup/collect), concurrency, per-session |
|
model_failover.md | Model failover, OAuth, auth profiles, cooldowns, billing disables |
|
clawhub.md | ClawHub: public skill registry, CLI commands, publish/install |
|
thinking.md | Thinking levels, verbose directives, reasoning visibility |
|
polls.md | Polls: Telegram, WhatsApp, Discord, MS Teams |
|
voice.md | Talk Mode (voice interaction) + Voice Wake (wake words) |
|
presence_discovery.md | Presence system, discovery (Bonjour/Tailscale), transports |
|
gateway_internals.md | Network model, gateway lock, health checks, doctor, logging, background exec |
|
heartbeat.md | Heartbeat: config, delivery, visibility, HEARTBEAT.md, per-agent |
|
bonjour.md | Bonjour/mDNS: TXT keys, wide-area DNS-SD, debugging, failure modes |
|
pairing.md | Gateway pairing: node approval, CLI, API, auto-approval, storage |
|
tui.md | TUI: keyboard shortcuts, slash commands, pickers, local shell, delivery |
|
media.md | Media: camera capture, images, audio/voice notes, transcription |
|
channel_routing.md | Channel routing, session keys, agent selection, Mattermost, BlueBubbles |
Quick Reference
Key Paths
| Path | Purpose |
|---|
| INLINECODE0 | Main config (JSON5) |
| INLINECODE1 |
Global env fallback |
|
~/.openclaw/workspace | Default agent workspace |
|
~/.openclaw/agents/<id>/ | Per-agent state + sessions |
|
~/.openclaw/skills/ | Managed/local skills |
|
~/.openclaw/agents/<id>/qmd/ | QMD memory backend state |
|
~/.openclaw/agents/<id>/agent/auth-profiles.json | Auth profiles + OAuth tokens |
|
OPENCLAW_CONFIG_PATH | Override config location |
|
OPENCLAW_STATE_DIR | Override state directory |
|
OPENCLAW_HOME | Override home directory |
Essential Commands
CODEBLOCK0
Default Gateway
- - Bind:
127.0.0.1:18789 (loopback) - Dashboard: �INLINECODE11
- Protocol: WebSocket (JSON text frames)
Core Workflow
Diagnosing Issues
Always follow this command ladder:
- 1.
openclaw status — quick overview - INLINECODE13� — daemon running? RPC probe ok?
- INLINECODE14� — watch for errors
- INLINECODE15� — config/service diagnostics
- INLINECODE16� — per-channel health
Starting / Restarting Gateway
CODEBLOCK1
Configuration
Edit config via any method:
CODEBLOCK2
Minimal config example:
CODEBLOCK3
Channel Setup
For detailed per-channel setup, see references/channels.md.
For per-channel troubleshooting (failure signatures, setup walkthroughs), see references/channel_troubleshooting.md.
For plugins adding new channels (Matrix, Nostr, MS Teams, etc.), see references/plugins.md.
Quick channel add:
CODEBLOCK4
Model Provider Setup
For detailed provider setup, see references/providers.md.
CODEBLOCK5
Config example:
CODEBLOCK6
Multi-Agent Routing
For detailed multi-agent config, see references/multi_agent.md.
CODEBLOCK7
Nodes (iOS / Android / macOS / Headless)
For detailed node setup, see references/nodes.md.
CODEBLOCK8
Security
For detailed security hardening, see references/security.md.
For secrets management (SecretRef, vault integration), see references/secrets.md.
For sandboxing (Docker isolation for tools), see references/sandboxing.md.
For full config field reference, see references/config_reference.md.
For remote access (SSH, Tailscale, VPN), see references/remote_access.md.
CODEBLOCK9
Update / Uninstall
For detailed installation, updating, rollback, and migration guide, see references/install.md.
CODEBLOCK10
Tools Reference
For detailed per-tool documentation, see references/tools.md.
For specific tools, see:
For ACP agents (Codex, Claude Code, Gemini CLI, etc.), see references/acp_agents.md.
For Diffs plugin and Firecrawl anti-bot fallback, see references/diffs_firecrawl.md.
For chat slash commands (/new, /model, /acp, etc.), see references/slash_commands.md.
For thinking levels (/think, /verbose, /reasoning), see references/thinking.md.
For polls (Telegram, WhatsApp, Discord, MS Teams), see references/polls.md.
For Talk Mode and Voice Wake, see references/voice.md.
For Gateway architecture and wire protocol, see references/architecture.md.
For agent runtime and loop details, see references/agent_runtime.md.
For command queue system, see references/queue.md.
For model failover and OAuth, see references/model_failover.md.
For ClawHub skill registry, see references/clawhub.md.
For presence and discovery, see references/presence_discovery.md.
For streaming and chunking, see references/streaming.md.
For Gateway internals (network model, lock, health, doctor, logging), see references/gateway_internals.md.
For heartbeat system, see references/heartbeat.md.
For Bonjour/mDNS discovery details, see references/bonjour.md.
For Gateway node pairing, see references/pairing.md.
For Terminal UI (TUI), see references/tui.md.
For media (camera, images, audio), see references/media.md.
For channel routing and session keys, see references/channel_routing.md.
Tool profiles: minimal, coding, messaging, full (default).
Tool groups (for allow/deny):
- -
group:runtime — exec, bash, process - INLINECODE22� — read, write, edit, applypatch
- INLINECODE23� — sessionslist/history/send/spawn, sessionstatus
- INLINECODE24� — memorysearch, memoryget
- INLINECODE25� — websearch, web_fetch
- INLINECODE26� — browser, canvas
- INLINECODE27� — cron, gateway
- INLINECODE28� — message
- INLINECODE29� — nodes
- INLINECODE30� — all built-in OpenClaw tools (excludes provider plugins)
Common Failure Signatures
| Error | Cause | Fix |
|---|
| INLINECODE31 | Non-loopback bind without token | Set gateway.auth.token or �INLINECODE33 |
| INLINECODE34� / �INLINECODE35 |
Port conflict |
openclaw gateway --force or change port |
|
Gateway start blocked: set gateway.mode=local | Local mode not enabled | Set
gateway.mode="local" |
|
unauthorized / reconnect loop | Token/password mismatch | Check
OPENCLAW_GATEWAY_TOKEN or config auth |
|
device identity required | Missing device auth | Ensure client completes connect.challenge flow |
| No replies from bot | Pairing/allowlist/mention gating | Check
openclaw pairing list, DM policy, mention patterns |
|
Embedding provider authentication failed (401) |
.env has placeholder API key (e.g.
your-jina-api-key-here) | Replace with real API key in
~/.openclaw/.env, restart Gateway |
|
config change requires gateway restart (plugins.*) | Plugin config changes can't hot-reload | Full
openclaw gateway restart or
launchctl kickstart -k |
|
Bootstrap failed: 5: Input/output error | LaunchAgent plist in stale/stuck state |
openclaw gateway install then
launchctl kickstart -k gui/$(id -u)/ai.openclaw.gateway |
|
Missing env var "X" referenced at config path: ... |
.env missing or variable not defined | Add variable to
~/.openclaw/.env and restart Gateway |
Environment Variables
| Variable | Purpose |
|---|
| INLINECODE56 | Gateway auth token |
| INLINECODE57 |
Gateway auth password |
|
OPENCLAW_GATEWAY_PORT | Override gateway port |
|
OPENCLAW_CONFIG_PATH | Override config file path |
|
OPENCLAW_STATE_DIR | Override state directory |
|
OPENCLAW_HOME | Override home directory |
|
OPENCLAW_LOAD_SHELL_ENV | Import shell env (set to
1) |
|
OPENCLAW_VERBOSE | Verbose logging |
|
OPENCLAW_LOG_FILE | File logging path |
|
OPENCLAW_LOG_LEVEL | Log level control |
|
OPENCLAW_SHELL | Set by OpenClaw in exec/acp/tui runtimes |
|
BRAVE_API_KEY | For web_search tool |
|
FIRECRAWL_API_KEY | For Firecrawl anti-bot fallback |
|
ELEVENLABS_API_KEY | For Talk Mode TTS |
|
ELEVENLABS_VOICE_ID | Default voice for Talk Mode |
|
CLAWHUB_TOKEN | ClawHub API token for CI/automation |
|
CLAWHUB_WORKDIR | ClawHub working directory override |
|
OLLAMA_API_KEY | For Ollama embeddings provider |
OpenClaw 维护技能
OpenClaw 是一个自托管、开源(MIT)的网关,可同时在 WhatsApp、Telegram、Discord、Slack、iMessage、Signal 及其他 15 多个渠道上路由 AI 代理。它可在 macOS、Linux 或 Windows 上运行。
参考文件
各渠道故障特征及排查指南 |
|
tools.md | 工具清单(配置文件、分组、所有内置工具) |
|
exec.md | Exec 工具:参数、配置、PATH、安全、进程工具 |
|
exec_approvals.md | Exec 审批:白名单、安全二进制文件、审批流程 |
|
browser.md | 浏览器工具:配置文件、CDP、中继、SSRF、控制 API |
|
web_tools.md | 网络工具:Brave、Perplexity、Gemini 搜索提供商 |
|
pdf_tool.md | PDF 工具:原生/回退模式、配置、页面过滤 |
|
elevated.md | 提权模式:/elevated 指令、沙箱逃逸 |
|
lobster.md | Lobster:带审批的类型化工作流运行时 |
|
llm_task.md | LLM 任务:仅 JSON 的 LLM 步骤,用于结构化输出 |
|
openprose.md | OpenProse:多代理程序运行时 |
|
plugins.md | 插件:官方列表、配置、清单、CLI、创作 |
|
skills.md | 技能:位置、配置、ClawHub、监视器、令牌影响 |
|
providers.md | 模型提供商设置 |
|
multi_agent.md | 多代理路由 |
|
nodes.md | 节点(iOS/Android/macOS/无头) |
|
security.md | 安全加固 |
|
secrets.md | 密钥管理(SecretRef、保险库) |
|
sandboxing.md | 沙箱(Docker 隔离) |
|
config_reference.md | 完整配置字段参考 |
|
gateway_ops.md | 网关操作 |
|
remote_access.md | 远程访问、SSH、Tailscale、Web 仪表盘 |
|
sessions.md | 会话管理、私信隔离、生命周期、压缩 |
|
hooks.md | 钩子:内部事件钩子、HTTP Webhook、创作、CLI |
|
automation.md | Cron 任务、Webhook、Gmail Pub/Sub |
|
acp_agents.md | ACP 代理:生成外部 AI 运行时(Codex、Claude 等) |
|
install.md | 安装、更新、回滚、迁移、卸载 |
|
web_ui.md | Web 界面:仪表盘、控制 UI、WebChat |
|
slash_commands.md | 聊天斜杠命令(/new、/model、/acp 等) |
|
platforms.md | 平台特定指南(macOS、iOS、Android、Linux、Windows) |
|
diffs_firecrawl.md | Diffs 插件 + Firecrawl 反机器人回退 |
|
subagents.md | 子代理:嵌套生成、线程绑定、通知、工具策略 |
|
memory.md | 记忆系统、向量搜索、混合 BM25、压缩、QMD 后端 |
|
architecture.md | 网关架构、线路协议、配对、不变量 |
|
agent_runtime.md | 代理运行时、引导文件、代理循环、钩子、超时 |
|
streaming.md | 流式传输 + 分块:块流式传输、合并、预览模式 |
|
queue.md | 命令队列:模式(引导/跟进/收集)、并发、按会话 |
|
model_failover.md | 模型故障转移、OAuth、认证配置文件、冷却期、计费禁用 |
|
clawhub.md | ClawHub:公共技能注册表、CLI 命令、发布/安装 |
|
thinking.md | 思考级别、详细指令、推理可见性 |
|
polls.md | 投票:Telegram、WhatsApp、Discord、MS Teams |
|
voice.md | 对话模式(语音交互)+ 语音唤醒(唤醒词) |
|
presence_discovery.md | 在线状态系统、发现(Bonjour/Tailscale)、传输 |
|
gateway_internals.md | 网络模型、网关锁、健康检查、诊断、日志、后台执行 |
|
heartbeat.md | 心跳:配置、投递、可见性、HEARTBEAT.md、按代理 |
|
bonjour.md | Bonjour/mDNS:TXT 键、广域 DNS-SD、调试、故障模式 |
|
pairing.md | 网关配对:节点审批、CLI、API、自动审批、存储 |
|
tui.md | TUI:键盘快捷键、斜杠命令、选择器、本地 Shell、投递 |
|
media.md | 媒体:相机拍摄、图像、音频/语音笔记、转录 |
|
channel_routing.md | 渠道路由、会话密钥、代理选择、Mattermost、BlueBubbles |
快速参考
关键路径
| 路径 | 用途 |
|---|
| ~/.openclaw/openclaw.json | 主配置文件(JSON5) |
| ~/.openclaw/.env |
全局环境变量回退 |
| ~/.openclaw/workspace | 默认代理工作空间 |
| ~/.openclaw/agents/
/ | 按代理的状态 + 会话 |
| ~/.openclaw/skills/ | 托管/本地技能 |
| ~/.openclaw/agents//qmd/ | QMD 记忆后端状态 |
| ~/.openclaw/agents//agent/auth-profiles.json | 认证配置文件 + OAuth 令牌 |
| OPENCLAWCONFIGPATH | 覆盖配置位置 |
| OPENCLAWSTATEDIR | 覆盖状态目录 |
| OPENCLAW_HOME | 覆盖主目录 |
基本命令
openclaw status # 总体状态
openclaw gateway status # 网关守护进程状态
openclaw gateway status --deep # 深度扫描,包括系统服务
openclaw doctor # 诊断配置/服务问题
openclaw doctor --fix # 自动修复安全的问题
openclaw logs --follow # 跟踪网关日志
openclaw channels status --probe # 渠道健康检查
openclaw security audit # 安全态势检查
openclaw security audit --fix # 自动修复安全问题
openclaw update # 自我更新
openclaw dashboard # 在浏览器中打开控制 UI
openclaw tui # 终端 UI(交互式 REPL)
openclaw agent # 通过 CLI 直接与代理交互
openclaw health # 健康检查
openclaw usage # 使用情况跟踪
openclaw config validate # 验证配置文件
openclaw config file # 打印活动配置路径
openclaw sessions cleanup # 会话磁盘清理
openclaw agents bindings # 代理-渠道绑定
openclaw agents bind # 将代理绑定到账户
openclaw agents unbind # 解绑代理
openclaw update --dry-run #
