OpenClaw Personal AI Assistant Complete Guide
OpenClaw 個人 AI 助手完全指南
Imagine having an AI assistant that runs 24/7 on your own machine, monitors your inbox, manages your calendar, syncs with your note-taking app, and responds through your favorite messaging platform — all while you sleep. That's OpenClaw.
This guide covers everything you need to know about OpenClaw: what it is, how it differs from Claude Code, what you need to set it up, and — critically — how to do so securely.
想像擁有一個 AI 助手,24/7 在你自己的機器上運行,監控你的收件匣、管理你的行事曆、同步你的筆記應用,並透過你喜歡的通訊平台回應——而且在你睡覺時也能運作。這就是 OpenClaw。
本指南涵蓋你需要知道的關於 OpenClaw 的一切:它是什麼、它與 Claude Code 有何不同、設置需要什麼,以及——至關重要的——如何安全地進行配置。
1. What is OpenClaw?
1. OpenClaw 是什麼?
OpenClaw is a free and open-source autonomous AI agent developed by Peter Steinberger (former PSPDFKit founder). It runs locally on your machine and connects to Large Language Models like Claude, GPT, or DeepSeek to execute tasks on your behalf.
A Brief History
| Date | Name | Event |
|---|---|---|
| November 2025 | Clawdbot | Original release by Peter Steinberger |
| January 27, 2026 | Moltbot | Renamed after Anthropic trademark complaint |
| January 30, 2026 | OpenClaw | Final rename ("Moltbot never quite rolled off the tongue") |
| February 2026 | — | Over 100,000 GitHub stars, 5,700+ community skills on ClawHub |
How It Works
Unlike cloud-based AI assistants, OpenClaw:
- Runs locally — On your machine, VPS, or home server
- Uses messaging as UI — Telegram, WhatsApp, Discord, Slack, Signal, or iMessage
- Maintains persistent memory — Sessions span hours or days with context preservation
- Connects to services via MCP — Model Context Protocol enables 100+ third-party integrations
- Supports multiple LLMs — Claude, GPT-4, DeepSeek, and others
Configuration and interaction history are stored locally, enabling adaptive behavior across sessions.
OpenClaw 是由 Peter Steinberger(前 PSPDFKit 創辦人)開發的免費開源自主 AI 代理。它在你的本機上運行,並連接到 Claude、GPT 或 DeepSeek 等大型語言模型來代你執行任務。
簡史
| 日期 | 名稱 | 事件 |
|---|---|---|
| 2025 年 11 月 | Clawdbot | Peter Steinberger 原始發布 |
| 2026 年 1 月 27 日 | Moltbot | 因 Anthropic 商標投訴而更名 |
| 2026 年 1 月 30 日 | OpenClaw | 最終更名(「Moltbot 念起來就是不順口」) |
| 2026 年 2 月 | — | 超過 100,000 GitHub stars,ClawHub 上有 5,700+ 社群技能 |
運作方式
與雲端 AI 助手不同,OpenClaw:
- 本地運行 — 在你的機器、VPS 或家用伺服器上
- 以訊息為介面 — Telegram、WhatsApp、Discord、Slack、Signal 或 iMessage
- 維持持久記憶 — 會話可跨越數小時或數天並保留上下文
- 透過 MCP 連接服務 — Model Context Protocol 實現 100+ 第三方整合
- 支援多種 LLM — Claude、GPT-4、DeepSeek 等
配置和互動歷史儲存在本地,實現跨會話的適應性行為。
2. OpenClaw vs. Claude Code: Complementary, Not Competing
2. OpenClaw vs. Claude Code:互補而非競爭
A common misconception is that you must choose between OpenClaw and Claude Code. In reality, they serve fundamentally different purposes.
| Aspect | Claude Code | OpenClaw |
|---|---|---|
| Primary domain | Software development | Personal automation |
| Interface | Terminal | Messaging apps |
| Session model | Per-task, temporary | Persistent daemon |
| Memory | Within conversation | Long-term, cross-session |
| Best for | Code refactoring, debugging, git workflows | Email, calendar, scheduled tasks, multi-platform |
When to Use Claude Code
- You're actively writing or refactoring code
- You need deep codebase understanding
- You want git-aware development workflows
- You're debugging or writing tests
When to Use OpenClaw
- You need 24/7 autonomous operation
- Tasks span multiple sessions (monitoring inbox, follow-ups)
- You want to interact via messaging platforms
- You're automating non-coding workflows (calendar, smart home, health tracking)
Using Both Together
Many developers run both simultaneously:
- Claude Code for focused coding sessions where code understanding matters
- OpenClaw for everything else — reminders via WhatsApp, monitoring tasks, controlling home office setup
Since OpenClaw can use Claude as its AI backend, you get the same intelligence with different interfaces optimized for different use cases.
一個常見的誤解是你必須在 OpenClaw 和 Claude Code 之間做選擇。實際上,它們服務於根本不同的目的。
| 面向 | Claude Code | OpenClaw |
|---|---|---|
| 主要領域 | 軟體開發 | 個人自動化 |
| 介面 | 終端機 | 通訊 App |
| 會話模式 | 按任務、暫時性 | 持久守護程序 |
| 記憶 | 對話內 | 長期、跨會話 |
| 最適合 | 重構程式碼、除錯、git 工作流 | 電郵、行事曆、排程任務、多平台 |
何時使用 Claude Code
- 你正在積極撰寫或重構程式碼
- 你需要深度理解程式碼庫
- 你想要 git 感知的開發工作流
- 你正在除錯或撰寫測試
何時使用 OpenClaw
- 你需要 24/7 自主運作
- 任務跨越多個會話(監控收件匣、跟進)
- 你想透過通訊平台互動
- 你正在自動化非程式碼工作流(行事曆、智慧家居、健康追蹤)
同時使用兩者
許多開發者同時運行兩者:
- Claude Code 用於需要程式碼理解的專注程式碼會話
- OpenClaw 用於其他一切——透過 WhatsApp 的提醒、監控任務、控制家庭辦公室設置
由於 OpenClaw 可以使用 Claude 作為其 AI 後端,你可以獲得相同的智慧,但有針對不同使用情境優化的不同介面。
3. System Requirements
3. 系統需求
Local Installation
| Component | Requirement |
|---|---|
| Runtime | Node.js 22.12.0 or later |
| Package Manager | npm, pnpm, or bun |
| Platforms | macOS, Linux, Windows (WSL2 required) |
Important: Native Windows is untested and has known compatibility issues. WSL2 is strongly recommended for Windows users.
VPS/Server Deployment (Recommended)
| Component | Requirement |
|---|---|
| OS | Ubuntu 22.04 or 24.04 |
| Access | Root or sudo privileges |
| Container | Docker and Docker Compose |
| RAM | Minimum 2GB (4GB recommended) |
| Disk | 10GB+ for Docker images and logs |
Additional Dependencies
build-essentialpackage for native module compilation (Ubuntu/Debian)- API key for your chosen LLM provider (Anthropic, OpenAI, etc.)
- Messaging platform account (Telegram, Discord, WhatsApp, etc.)
本機安裝
| 元件 | 需求 |
|---|---|
| 執行環境 | Node.js 22.12.0 或更新版本 |
| 套件管理器 | npm、pnpm 或 bun |
| 平台 | macOS、Linux、Windows(需要 WSL2) |
**重要:**原生 Windows 未經測試且有已知的相容性問題。強烈建議 Windows 用戶使用 WSL2。
VPS/伺服器部署(推薦)
| 元件 | 需求 |
|---|---|
| 作業系統 | Ubuntu 22.04 或 24.04 |
| 存取權限 | Root 或 sudo 權限 |
| 容器 | Docker 和 Docker Compose |
| RAM | 最少 2GB(建議 4GB) |
| 硬碟 | 10GB+ 用於 Docker 映像和日誌 |
額外依賴
build-essential套件用於原生模組編譯(Ubuntu/Debian)- 你選擇的 LLM 提供者的 API 金鑰(Anthropic、OpenAI 等)
- 通訊平台帳號(Telegram、Discord、WhatsApp 等)
4. Installation Methods
4. 安裝方法
Method 1: Quick Install (Easiest)
# Install globally
npm install -g openclaw@latest
# Run onboarding wizard
openclaw onboard
# Start chatting via your chosen messaging platformThe onboarding wizard guides you through:
- Selecting your AI provider (Claude, GPT-4, etc.)
- Logging into your provider account
- Setting up your messaging channel (Telegram, etc.)
Method 2: Docker Installation (Recommended for Security)
# Clone the repository
git clone https://github.com/openclaw/openclaw.git
cd openclaw
# Run setup script
./setup.shDocker mounts two volumes:
~/.openclaw— Configuration and credentials~/openclaw/workspace— Agent's sandbox environment
Method 3: Source Installation (For Contributors)
# Clone repository
git clone https://github.com/openclaw/openclaw.git
cd openclaw
# Install dependencies
pnpm install
# Run development mode
pnpm devThis path requires Git, Node.js, and pnpm, giving access to the latest development features.
方法一:快速安裝(最簡單)
# 全域安裝
npm install -g openclaw@latest
# 執行引導精靈
openclaw onboard
# 透過你選擇的通訊平台開始對話引導精靈會引導你完成:
- 選擇你的 AI 提供者(Claude、GPT-4 等)
- 登入你的提供者帳號
- 設置你的通訊頻道(Telegram 等)
方法二:Docker 安裝(安全性推薦)
# 複製儲存庫
git clone https://github.com/openclaw/openclaw.git
cd openclaw
# 執行設置腳本
./setup.shDocker 掛載兩個卷:
~/.openclaw— 配置和憑證~/openclaw/workspace— 代理的沙盒環境
方法三:原始碼安裝(適合貢獻者)
# 複製儲存庫
git clone https://github.com/openclaw/openclaw.git
cd openclaw
# 安裝依賴
pnpm install
# 執行開發模式
pnpm dev這個路徑需要 Git、Node.js 和 pnpm,可以存取最新的開發功能。
5. Setting Up Telegram as Your Interface
5. 設置 Telegram 作為你的介面
Telegram is one of the most popular interfaces for OpenClaw. Here's how to set it up:
Step 1: Create a Bot via BotFather
- Open Telegram and search for
@BotFather - Send
/newbotto create a new bot - Follow prompts to set a name and username
- Save the token — BotFather will send you a token like
123456789:ABCdefGHIjklMNOpqrsTUVwxyz
Security: If your token ever leaks, immediately use /revoke with BotFather to regenerate it.
Step 2: Configure OpenClaw
Add to your configuration file:
{
"channels": {
"telegram": {
"enabled": true,
"botToken": "YOUR_BOT_TOKEN_HERE",
"dmPolicy": "pairing"
}
}
}Step 3: Pair Your Account
By default, the bot isn't public — it requires pairing:
- Send
/startto your bot in Telegram - The bot returns a pairing code
- Approve the pairing:
# For Docker installations
docker compose run --rm openclaw-cli pairing approve telegram <CODE>
# For npm installations
openclaw pairing approve telegram <CODE>Step 4: Get Your User ID (For Security)
- Search for
@userinfobotin Telegram - Click "Start" to see your numeric user ID
- Add this ID to OpenClaw's allowed users list
Step 5: Configure Group Privacy (Optional)
If using OpenClaw in group chats:
- Message
@BotFather - Use
/setprivacy - Select your bot
- Choose "Disable" for full message access
- Remove and re-add the bot to any existing groups
Note: With privacy mode ON, the bot only sees direct mentions and commands.
Telegram 是 OpenClaw 最受歡迎的介面之一。以下是設置方法:
步驟一:透過 BotFather 建立機器人
- 開啟 Telegram 並搜尋
@BotFather - 發送
/newbot建立新機器人 - 按提示設置名稱和用戶名
- 儲存 token — BotFather 會發送類似
123456789:ABCdefGHIjklMNOpqrsTUVwxyz的 token
**安全:**如果你的 token 洩漏,立即使用 BotFather 的 /revoke 來重新產生。
步驟二:配置 OpenClaw
加入你的配置檔:
{
"channels": {
"telegram": {
"enabled": true,
"botToken": "你的_BOT_TOKEN",
"dmPolicy": "pairing"
}
}
}步驟三:配對你的帳號
預設情況下,機器人不是公開的——需要配對:
- 在 Telegram 中向你的機器人發送
/start - 機器人返回配對碼
- 批准配對:
# Docker 安裝
docker compose run --rm openclaw-cli pairing approve telegram <CODE>
# npm 安裝
openclaw pairing approve telegram <CODE>步驟四:取得你的用戶 ID(安全用途)
- 在 Telegram 中搜尋
@userinfobot - 點擊「Start」查看你的數字用戶 ID
- 將此 ID 加入 OpenClaw 的允許用戶清單
步驟五:配置群組隱私(可選)
如果在群組聊天中使用 OpenClaw:
- 私訊
@BotFather - 使用
/setprivacy - 選擇你的機器人
- 選擇「Disable」以獲得完整訊息存取
- 從現有群組中移除並重新添加機器人
**注意:**隱私模式開啟時,機器人只能看到直接提及和命令。
6. Integrating Services via MCP and Skills
6. 透過 MCP 和技能整合服務
OpenClaw's power comes from its extensible architecture. With 50+ built-in skills, 5,700+ community contributions on ClawHub, and MCP support for 100+ services, the possibilities are vast.
What Are Skills?
Skills are modular capabilities that extend OpenClaw. They're published as SKILL.md files with supporting code.
ClawHub: The Skill Registry
ClawHub is OpenClaw's public skill registry. You can:
- Search for skills by plain language
- Install skills with one command
- Update skills easily
- Publish your own skills
# Install a skill
npx clawhub install <skill_name>
# Search for skills
npx clawhub search "gmail"Key Integrations
| Service | Capability |
|---|---|
| Gmail/Outlook | Read messages, draft replies, organize folders, auto-categorize, priority flagging |
| Google Calendar | Create events, check conflicts, send reminders |
| Todoist/Things/Asana | Add tasks, check lists, mark complete |
| Obsidian/Notion | Add notes, search vault, bidirectional sync |
| Slack | Summarize channels, draft messages, search history, respond to mentions |
| GitHub | Check PRs, review issues, monitor notifications |
| WHOOP | Daily fitness summaries |
| Philips Hue | Smart home control |
| Spotify | Playback control |
Obsidian Integration Details
The Obsidian skill works with your local vault (plain Markdown files):
- Vault Detection: OpenClaw reads from
~/Library/Application Support/obsidian/obsidian.json(macOS) - Best Practice: Don't hardcode vault paths — let the skill detect them
- Capabilities: Add notes, search vault, retrieve existing notes
# Install Obsidian skill
npx clawhub install obsidianConfigure your vault path in TOOLS.md so OpenClaw knows where to save responses.
MCP Server Configuration
For advanced integrations, configure MCP servers in JSON:
{
"mcpServers": {
"gmail": {
"command": "npx",
"args": ["@anthropic/mcp-server-gmail"],
"env": {
"GMAIL_CREDENTIALS": "/path/to/credentials.json"
}
}
}
}OpenClaw 的強大來自其可擴展的架構。有 50+ 內建技能、ClawHub 上 5,700+ 社群貢獻,以及支援 100+ 服務的 MCP,可能性是巨大的。
什麼是技能?
技能是擴展 OpenClaw 的模組化能力。它們以 SKILL.md 檔案和支援程式碼的形式發布。
ClawHub:技能登錄處
ClawHub 是 OpenClaw 的公開技能登錄處。你可以:
- 搜尋技能(用自然語言)
- 安裝技能(一個命令)
- 更新技能(輕鬆完成)
- 發布你自己的技能
# 安裝技能
npx clawhub install <skill_name>
# 搜尋技能
npx clawhub search "gmail"主要整合
| 服務 | 能力 |
|---|---|
| Gmail/Outlook | 閱讀訊息、草擬回覆、整理資料夾、自動分類、優先標記 |
| Google Calendar | 建立事件、檢查衝突、發送提醒 |
| Todoist/Things/Asana | 新增任務、檢查清單、標記完成 |
| Obsidian/Notion | 新增筆記、搜尋 vault、雙向同步 |
| Slack | 摘要頻道、草擬訊息、搜尋歷史、回應提及 |
| GitHub | 檢查 PR、審查 issue、監控通知 |
| WHOOP | 每日健身摘要 |
| Philips Hue | 智慧家居控制 |
| Spotify | 播放控制 |
Obsidian 整合細節
Obsidian 技能與你的本地 vault(純 Markdown 檔案)配合使用:
- **Vault 偵測:**OpenClaw 從
~/Library/Application Support/obsidian/obsidian.json(macOS)讀取 - **最佳實踐:**不要硬編碼 vault 路徑——讓技能自動偵測
- **能力:**新增筆記、搜尋 vault、檢索現有筆記
# 安裝 Obsidian 技能
npx clawhub install obsidian在 TOOLS.md 中配置你的 vault 路徑,讓 OpenClaw 知道該在哪裡儲存回應。
MCP 伺服器配置
對於進階整合,在 JSON 中配置 MCP 伺服器:
{
"mcpServers": {
"gmail": {
"command": "npx",
"args": ["@anthropic/mcp-server-gmail"],
"env": {
"GMAIL_CREDENTIALS": "/path/to/credentials.json"
}
}
}
}7. Scheduling with Cron Jobs
7. 使用 Cron 排程
One of OpenClaw's killer features is scheduled autonomous tasks:
{
"cron": {
"dailyBriefing": {
"schedule": "0 7 * * *",
"task": "Send me a summary of today's calendar and top 3 priority emails"
},
"eveningTodoReview": {
"schedule": "0 22 * * *",
"task": "Draft tomorrow's to-do list based on calendar and pending tasks"
},
"hourlyInboxCheck": {
"schedule": "0 * * * *",
"task": "Check inbox and flag anything urgent"
},
"weeklyReport": {
"schedule": "0 9 * * 0",
"task": "Compile weekly report from completed tasks and sent emails"
}
}
}You set it once. It runs forever. No manual triggering required.
OpenClaw 的殺手級功能之一是排程自主任務:
{
"cron": {
"dailyBriefing": {
"schedule": "0 7 * * *",
"task": "發送今天的行事曆摘要和前 3 封優先郵件"
},
"eveningTodoReview": {
"schedule": "0 22 * * *",
"task": "根據行事曆和待辦任務草擬明天的待辦清單"
},
"hourlyInboxCheck": {
"schedule": "0 * * * *",
"task": "檢查收件匣並標記任何緊急事項"
},
"weeklyReport": {
"schedule": "0 9 * * 0",
"task": "從已完成任務和已發送郵件編譯週報"
}
}
}你設置一次。它永遠運行。不需要手動觸發。
8. Security: The Critical Consideration
8. 安全性:關鍵考量
This is the most important section of this guide.
OpenClaw is powerful precisely because it can execute real actions on your behalf — shell commands, file operations, network requests. This makes security non-negotiable.
Known Risks
Sandbox Mode is OFF by Default
- Direct message sessions aren't isolated by default
- Public agents can be created with broad access unless carefully constrained
Malicious Skills
- ClawHub hosts 5,700+ skills — not all are trustworthy
- VirusTotal has flagged hundreds of skills with malicious properties
- Always review skill source code before installing
Prompt Injection
- AI models cannot reliably distinguish legitimate commands from malicious instructions embedded in data
- This is not theoretical — it's documented and reproducible
Exposed Deployments
- Many users expose admin dashboards with weak authentication
- Email, cloud storage, and calendar access becomes attack surface
Security Best Practices
1. Enable Sandbox Mode
{
"sandbox": {
"mode": "all",
"workspaceAccess": "none",
"docker": {
"network": "none"
}
}
}2. Use Docker Isolation
Never run OpenClaw directly on your host system. Docker provides:
- Isolated filesystem
- Restricted network access
- CPU and memory limits
- Limited blast radius if compromised
3. Create a Dedicated User
# Create dedicated user
sudo useradd -m openclaw
# Run OpenClaw as this user
sudo -u openclaw openclaw start4. Limit High-Risk Tools
Deny by default, allow explicitly:
{
"tools": {
"deny": ["exec", "browser", "web_fetch", "gateway", "nodes", "cron"],
"allow": ["calendar", "email_read", "notes"]
}
}5. Review Skills Before Installing
- Check VirusTotal reports on ClawHub skill pages
- Read the source code
- Use Claude Code or similar to audit for malicious behavior
6. Deploy on Isolated Infrastructure
Instead of your personal machine:
- Use a dedicated VPS or home server
- Run in a VM with network isolation
- Use firewall rules to limit outbound connections
The Security Mindset
"OpenClaw must ONLY be operated in a fully isolated sandbox environment. Even if the agent gets compromised, it cannot cause damage outside the sandbox."
If you wouldn't give a stranger the credentials you're giving OpenClaw, you shouldn't give them to OpenClaw either — unless it's running in a properly sandboxed environment.
這是本指南最重要的部分。
OpenClaw 之所以強大,正是因為它可以代你執行真實操作——shell 命令、檔案操作、網路請求。這使得安全性不容妥協。
已知風險
沙盒模式預設關閉
- 直接訊息會話預設沒有隔離
- 除非仔細約束,否則可以建立具有廣泛存取權限的公開代理
惡意技能
- ClawHub 託管 5,700+ 技能——並非全部可信
- VirusTotal 已標記數百個具有惡意屬性的技能
- 安裝前務必審查技能原始碼
提示注入
- AI 模型無法可靠地區分嵌入在資料中的合法命令和惡意指令
- 這不是理論性的——它是有記錄且可重現的
暴露的部署
- 許多用戶使用弱驗證暴露管理儀表板
- 電子郵件、雲端儲存和行事曆存取成為攻擊面
安全最佳實踐
1. 啟用沙盒模式
{
"sandbox": {
"mode": "all",
"workspaceAccess": "none",
"docker": {
"network": "none"
}
}
}2. 使用 Docker 隔離
永遠不要直接在主機系統上運行 OpenClaw。Docker 提供:
- 隔離的檔案系統
- 受限的網路存取
- CPU 和記憶體限制
- 如果被入侵,爆炸半徑有限
3. 建立專用用戶
# 建立專用用戶
sudo useradd -m openclaw
# 以此用戶運行 OpenClaw
sudo -u openclaw openclaw start4. 限制高風險工具
預設拒絕,明確允許:
{
"tools": {
"deny": ["exec", "browser", "web_fetch", "gateway", "nodes", "cron"],
"allow": ["calendar", "email_read", "notes"]
}
}5. 安裝前審查技能
- 在 ClawHub 技能頁面檢查 VirusTotal 報告
- 閱讀原始碼
- 使用 Claude Code 或類似工具審計惡意行為
6. 部署在隔離基礎設施上
不要用你的個人機器:
- 使用專用 VPS 或家用伺服器
- 在具有網路隔離的 VM 中運行
- 使用防火牆規則限制出站連接
安全心態
「OpenClaw 必須只在完全隔離的沙盒環境中運作。即使代理被入侵,它也無法對沙盒外造成損害。」
如果你不會把你給 OpenClaw 的憑證給陌生人,你也不應該給 OpenClaw——除非它運行在正確沙盒化的環境中。
9. Troubleshooting Common Issues
9. 常見問題疑難排解
Installation Issues
Problem: npm install fails or "command not found"
Solution:
- Ensure Node.js 22.12.0+ is installed
- Restart terminal after installation
- Add npm global bin to PATH:
export PATH="$PATH:$(npm config get prefix)/bin"Telegram Connection Issues
Problem: Bot starts then silently stops responding
Solution:
- Some hosts resolve
api.telegram.orgto IPv6 first - If your server lacks IPv6 egress, force IPv4 or enable IPv6
Problem: HttpError: Network request failed
Solution:
- Check firewall rules for outbound HTTPS
- Verify API key is correct and has credits
Onboarding Issues
Problem: Wizard exits or channel linking fails
Solution:
- Run
openclaw onboardagain - You can redo just the channel step
Gateway Issues
Problem: Persistent gateway errors
Solution:
openclaw doctor --fixMissing API Key
Problem: OpenClaw won't work at all
Solution:
- The most common config mistake is a missing API key
- Verify you have a valid Anthropic or OpenAI API key configured
安裝問題
問題:npm install 失敗或「command not found」
解決方案:
- 確保安裝了 Node.js 22.12.0+
- 安裝後重啟終端機
- 將 npm 全域 bin 加入 PATH:
export PATH="$PATH:$(npm config get prefix)/bin"Telegram 連接問題
**問題:**機器人啟動後靜默停止回應
解決方案:
- 某些主機首先將
api.telegram.org解析為 IPv6 - 如果你的伺服器缺少 IPv6 出口,強制使用 IPv4 或啟用 IPv6
**問題:**HttpError: Network request failed
解決方案:
- 檢查出站 HTTPS 的防火牆規則
- 驗證 API 金鑰正確且有餘額
引導問題
**問題:**精靈退出或頻道連結失敗
解決方案:
- 再次運行
openclaw onboard - 你可以只重做頻道步驟
閘道問題
**問題:**持續的閘道錯誤
解決方案:
openclaw doctor --fix缺少 API 金鑰
**問題:**OpenClaw 完全無法運作
解決方案:
- 最常見的配置錯誤是缺少 API 金鑰
- 驗證你已配置有效的 Anthropic 或 OpenAI API 金鑰
10. Complete Setup Checklist
10. 完整設置清單
Here's everything you need to achieve the setup you described (Gmail, Todoist, Slack, Obsidian, local operation, Telegram interface):
Prerequisites
- [ ] VPS or dedicated machine (not your personal computer)
- [ ] Node.js 22.12.0+ installed
- [ ] Docker and Docker Compose installed
- [ ] Anthropic API key (or OpenAI/DeepSeek)
- [ ] Telegram account
Installation
- [ ] Install OpenClaw via Docker (recommended) or npm
- [ ] Run
openclaw onboardwizard - [ ] Select Claude as AI provider
- [ ] Configure Telegram as messaging channel
Telegram Setup
- [ ] Create bot via @BotFather
- [ ] Save bot token securely
- [ ] Configure token in OpenClaw
- [ ] Pair your Telegram account
- [ ] Get your user ID via @userinfobot
- [ ] Add user ID to allowed list
Security Configuration
- [ ] Enable sandbox mode
- [ ] Create dedicated Linux user for OpenClaw
- [ ] Configure Docker network isolation
- [ ] Set tool allowlists (deny high-risk by default)
- [ ] Review any skills before installing
Service Integrations
- [ ] Install Gmail skill:
npx clawhub install gmail - [ ] Configure Gmail OAuth credentials
- [ ] Install Todoist skill:
npx clawhub install todoist - [ ] Get Todoist API token and configure
- [ ] Install Slack skill:
npx clawhub install slack - [ ] Create Slack app and configure OAuth
- [ ] Install Obsidian skill:
npx clawhub install obsidian - [ ] Configure vault path in TOOLS.md
Automation
- [ ] Set up cron jobs for scheduled tasks
- [ ] Test each integration individually
- [ ] Monitor logs for the first few days
Ongoing
- [ ] Regularly update OpenClaw:
npm update -g openclaw - [ ] Review ClawHub security reports for installed skills
- [ ] Monitor API usage and costs
以下是達成你描述的設置(Gmail、Todoist、Slack、Obsidian、本機運作、Telegram 介面)所需的一切:
先決條件
- [ ] VPS 或專用機器(不是你的個人電腦)
- [ ] 已安裝 Node.js 22.12.0+
- [ ] 已安裝 Docker 和 Docker Compose
- [ ] Anthropic API 金鑰(或 OpenAI/DeepSeek)
- [ ] Telegram 帳號
安裝
- [ ] 透過 Docker(推薦)或 npm 安裝 OpenClaw
- [ ] 運行
openclaw onboard精靈 - [ ] 選擇 Claude 作為 AI 提供者
- [ ] 配置 Telegram 作為通訊頻道
Telegram 設置
- [ ] 透過 @BotFather 建立機器人
- [ ] 安全儲存機器人 token
- [ ] 在 OpenClaw 中配置 token
- [ ] 配對你的 Telegram 帳號
- [ ] 透過 @userinfobot 取得你的用戶 ID
- [ ] 將用戶 ID 加入允許清單
安全配置
- [ ] 啟用沙盒模式
- [ ] 為 OpenClaw 建立專用 Linux 用戶
- [ ] 配置 Docker 網路隔離
- [ ] 設定工具允許清單(預設拒絕高風險)
- [ ] 安裝前審查任何技能
服務整合
- [ ] 安裝 Gmail 技能:
npx clawhub install gmail - [ ] 配置 Gmail OAuth 憑證
- [ ] 安裝 Todoist 技能:
npx clawhub install todoist - [ ] 取得 Todoist API token 並配置
- [ ] 安裝 Slack 技能:
npx clawhub install slack - [ ] 建立 Slack 應用並配置 OAuth
- [ ] 安裝 Obsidian 技能:
npx clawhub install obsidian - [ ] 在 TOOLS.md 中配置 vault 路徑
自動化
- [ ] 為排程任務設置 cron 作業
- [ ] 單獨測試每個整合
- [ ] 最初幾天監控日誌
持續維護
- [ ] 定期更新 OpenClaw:
npm update -g openclaw - [ ] 審查已安裝技能的 ClawHub 安全報告
- [ ] 監控 API 使用量和成本
Conclusion: The Promise and the Price
OpenClaw represents a genuine leap in personal AI assistants — persistent, autonomous, locally-run, and deeply integrated with your digital life. The ability to have an AI that monitors your inbox, manages your calendar, syncs with your notes, and responds via messaging — all while you sleep — is genuinely transformative.
But this power comes with responsibility:
- Security is non-negotiable. Never run OpenClaw unsandboxed on a machine with sensitive data.
- Review before you trust. Skills can be malicious. Audit them.
- Isolate the blast radius. Use Docker, dedicated users, and network restrictions.
- Start small. Enable one integration at a time. Test thoroughly.
Done right, OpenClaw can genuinely feel like having a tireless chief of staff. Done wrong, it's a security nightmare waiting to happen.
The choice — and the responsibility — is yours.
Sources:
結語:承諾與代價
OpenClaw 代表了個人 AI 助手的真正飛躍——持久、自主、本地運行,並與你的數位生活深度整合。擁有一個 AI 可以監控你的收件匣、管理你的行事曆、同步你的筆記,並透過訊息回應——而且在你睡覺時也能運作——這確實是變革性的。
但這種力量伴隨著責任:
- **安全性不容妥協。**永遠不要在有敏感資料的機器上未經沙盒化運行 OpenClaw。
- **信任前先審查。**技能可能是惡意的。審計它們。
- **隔離爆炸半徑。**使用 Docker、專用用戶和網路限制。
- **從小處開始。**一次啟用一個整合。徹底測試。
做對了,OpenClaw 真的可以感覺像是擁有一個不知疲倦的幕僚長。做錯了,它是一個等待發生的安全噩夢。
選擇——和責任——在你。
來源: