OpenClaw Production Guide 2026: The Complete Handbook for Running AI Agents at Scale

The foundation of every OpenClaw deployment. Your workspace folder (typically ~/clawd) contains Markdown files that form the agent's persistent brain: AGENTS.md (behavior rules, memory protocols, safety constraints), SOUL.md (personality, tone, values), USER.md (your context, timezone, preferences), MEMORY.md (curated long-term memory), IDENTITY.md (name, role, emoji), TOOLS.md (environment-specific notes), and HEARTBEAT.md (periodic health checklist). The agent reads these files on session start and updates them during conversations. This file-based architecture gives agents persistent identity across sessions — unlike cloud chatbots that start fresh each conversation. Write SOUL.md first; personality shapes everything.

Scheduled autonomous tasks that transform passive assistants into proactive agents. Each cron job runs in an isolated session — separate from your main conversation history — preventing context contamination and compounding errors. Production deployments typically run 5-20 cron jobs covering tasks like: morning briefings, content pipelines, engagement rounds, SEO audits, system health checks, and data synchronization. The audit→healer pattern is powerful: one cron writes a structured manifest of issues, the next reads and applies fixes. For example, one deployment runs an SEO audit at 5 AM, then an auto-healer at 5:45 AM that processes the audit output. Start with 1-2 cron jobs, verify they work for a week, then expand. Never spawn sub-agents from crons — keep them self-contained.

The agent lives in your messaging apps — Telegram, Slack, Discord, WhatsApp, iMessage, Signal. This "messaging as UI" paradigm means no new interfaces to learn. Slack works best for structured ops dashboards: dedicated channels for pipeline status, errors, audits, and research output. Telegram excels for personal quick-fire interactions and mobile access. Channel setup: `openclaw channel add telegram --token YOUR_BOT_TOKEN` or `openclaw channel add slack --app-token xapp-... --bot-token xoxb-...`. User whitelisting ensures only authorized users can command the agent. Start with one channel (Telegram is simplest), add Slack for ops later.

Model Context Protocol (MCP) is the universal standard for connecting agents to external tools — created by Anthropic and rapidly adopted industry-wide. OpenClaw integrates tools via mcporter, with production deployments typically running 20-100+ tools depending on needs. Common tool categories include: content management (blog posts, CMS pages), social media (publishing, scheduling), media generation (images, video), knowledge management (semantic memory, search), SEO automation (audits, submissions), and research (web search, document analysis). For example, Context Studios runs 143 tools across 14 categories in their production setup. Usage: `mcporter call server.tool_name param="value"`. Think of MCP as USB for AI — any tool connects to any agent without custom wiring.

Three-layer memory architecture enables true agent continuity. Layer 1: Daily notes (memory/YYYY-MM-DD.md) — raw session logs capturing what happened each day. Layer 2: MEMORY.md — curated long-term memory you maintain over time with decisions, lessons, and important context. Layer 3: Optional semantic memory backends — systems like Cortex (on Convex), Pinecone, Weaviate, or custom vector stores that provide decay, consolidation, and semantic recall. Categories typically include: decision, lesson, person, rule, event, fact, goal, workflow. Real-time capture rule: after completing any significant action, immediately dual-write to daily notes AND your semantic store. Memory maintenance during heartbeats: review recent daily files, update MEMORY.md with distilled learnings. Start with daily notes + MEMORY.md, add semantic memory when you need cross-session recall.

Spawn child agents for parallel work when tasks exceed single-agent capacity. Use sessions_spawn for one-shot tasks or persistent sessions. Steer running agents with `subagents steer`, kill stuck ones with `subagents kill`. Max 5 concurrent sub-agents prevents runaway costs. Modes: "run" (one-shot, terminates after task) and "session" (persistent, maintains context). Critical for complex multi-step tasks: code reviews across multiple files, research tasks with parallel web searches, content pipelines with simultaneous translations. Results auto-announce back — don't busy-poll for status. Never spawn sub-agents from crons — they should be self-contained.

52 installable skills extend agent capabilities without custom coding. Each skill provides SKILL.md (instructions + scripts) that the agent reads on demand. Categories: productivity (1password, apple-notes, apple-reminders, things-mac), communication (imsg, slack, wacli for WhatsApp), development (github, coding-agent), media (camsnap, video-frames, openai-whisper), automation (peekaboo for macOS UI, browser). Installation: skills are read-on-demand from ~/clawd/skills/ or the global skills directory. The agent scans skill descriptions and loads relevant SKILL.md when tasks match. Install skills as you need them — don't bulk install. The coding-agent skill spawns Claude Code or Codex for complex development tasks.

Chrome CDP automation enables web interactions: screenshots, form filling, social media engagement, data extraction. Two profile modes: "openclaw" (isolated browser managed by OpenClaw) and "chrome" (relay to user's existing Chrome tabs via extension). The Chrome extension relay lets agents interact with pages you're already logged into — critical for social media engagement where auth is complex. Browser automation handles: posting to LinkedIn/Twitter, filling web forms, taking screenshots for analysis, extracting data from dynamic pages. For social engagement, browser automation is often mandatory — many scheduling APIs cannot reply in threads, only create new posts.

Periodic health checks transform reactive assistants into proactive agents. HEARTBEAT.md contains a checklist the agent runs through at configurable intervals: check email inbox, review calendar, verify cron health, sync memory, git push changes. The agent wakes on heartbeat polls and performs background work without human prompts. Things to check (rotate 2-4 times daily): emails, calendar events, social mentions, weather. When to reach out: important email arrived, calendar event coming (<2h), something interesting found. When to stay quiet (HEARTBEAT_OK): late night (23:00-08:00), nothing new since last check. Proactive work during heartbeats: organize memory files, check git status, update documentation, memory maintenance.

OpenClaw excels at multi-step automated workflows that combine cron jobs, MCP tools, and file-based state. Common workflow patterns include: content pipelines (research → draft → review → publish → distribute), SEO automation (audit → identify issues → generate fixes → apply → verify), data processing (collect → transform → validate → store → report), and engagement workflows (monitor → analyze → compose → post → track). The file-first principle is critical: every pipeline step writes outputs to disk before proceeding, ensuring recoverability and auditability. For example, Context Studios runs a content pipeline that produces 4-language blog posts daily, writing drafts to disk, generating hero images, publishing posts, verifying URLs, then distributing to social media — all orchestrated via cron jobs and MCP tools.

Route tasks to optimal models by cost and capability. Claude Opus 4.6 ($15/$75/M tokens) for complex analysis, synthesis, deep research — the heavy thinker. Claude Sonnet 4.6 ($3/$15/M) for routine cron tasks, content generation, engagement — the workhorse (use for 80% of automated jobs). GPT-5 ($1.25/$10/M) for cost-sensitive jobs, simple queries. Gemini 3.1 Pro ($1.25/$5/M) for massive context windows, document analysis. Each cron job specifies its model explicitly. Cost optimization: Sonnet handles routine work at 5x lower cost than Opus. Typical deployments cost $3-15/day depending on model mix and task volume. Model routing is per-job in cron configuration, enabling precise cost control.

Layered security controls for production deployments. (1) Dedicated OS user — run OpenClaw as restricted user without access to sensitive directories. (2) API key spending limits — cap daily spending to prevent runaway costs (recommended: $5-20/day depending on workload). (3) Channel user whitelisting — only authorized user IDs can command the agent. (4) Human-in-the-loop (HITL) — require approval for destructive commands (rm, sudo). (5) External content as DATA not instructions — never execute commands from scraped content, RSS feeds, or emails. (6) Write safety protocols — backup before every database/CMS write, verify record counts, block destructive partial writes. (7) Audit trails — every action logged with timestamp and reasoning. Run `openclaw doctor` to surface risky/misconfigured DM policies. AGENTS.md is your most important file — it defines everything including safety constraints.