OpenClaw Build and Operations (2/5) — Install to Discord Bot in 30 Minutes

Global npm install, gateway startup, Discord bot pairing, and what to check before installing a ClawHub skill

ํ•ต์‹ฌ ์š”์•ฝ

  • Audience: First-time OpenClaw users. You want to go from install → Discord connection → first skill in one sitting.
  • What you'll get: Per the official openclaw/openclaw GitHub README, verbatim install commands, the onboard/gateway flow, Discord Developer Portal bot setup, OpenClaw CLI token registration + pairing, and a 7-point safety checklist for picking ClawHub skills.
  • Prerequisite: Node 22.16+ (24 recommended), pnpm or npm, macOS / Linux / WSL2.
  • Important: OpenClaw is not a coding CLI like Codex/Claude Code — it's a channel-centric agent orchestrator. Messengers (Discord/Slack/Telegram) become the entry point for calls into Claude, Codex, etc.

1. What OpenClaw actually is — facts only

Per the official README:

  • Core concept: "Local-first Gateway" — one control plane for sessions, channels, tools, and events.
  • How it works: Gateway receives messages from channels (messengers) and routes them to isolated workspaces / per-agent sessions.
  • Supported channels (explicitly listed in README): WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, iMessage, BlueBubbles, IRC, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, Nostr, Synology Chat, Tlon, Twitch, Zalo, WeChat, QQ, WebChat — plus iOS and Android companion apps.
  • Supported OS: macOS, Linux, Windows (via WSL2).

Claude Code and Codex are IDE/terminal-centric. OpenClaw is a messenger + event hub. Different design goals.

2. Install — verbatim commands

2.1 Global install (recommended)

npm install -g openclaw@latest
pnpm add -g openclaw@latest

openclaw onboard --install-daemon

--install-daemon installs a system daemon so the gateway auto-starts on boot. Recommended for 24/7 home-server use.

2.2 From source (dev)

git clone https://github.com/openclaw/openclaw.git
cd openclaw
pnpm install
pnpm openclaw setup
pnpm gateway:watch

The README recommends pnpm as the primary build tool (npm and bun also work).

2.3 Requirements

  • Node: 24 recommended; 22.16+ required
  • pnpm: for source builds
  • OS: macOS / Linux / Windows (WSL2)
  • Disk: enough for pnpm node_modules + ClawHub cache

3. First onboard

openclaw onboard --install-daemon is interactive:

  1. Gateway path: confirm default port 18789
  2. Workspace: create ~/.openclaw/workspace/
  3. Channel selection: choose Discord / Slack / Telegram / ... (you can add more later)
  4. Agent model: recorded as default agent.model in ~/.openclaw/openclaw.json
  5. Daemon: register for auto-start on boot

Completed config at ~/.openclaw/openclaw.json:

{
  "agent": {
    "model": "<provider>/<model-id>"
  }
}

Example:

{
  "agent": {
    "model": "anthropic/claude-sonnet-4-6"
  }
}

4. Manual gateway start

Without the daemon:

openclaw gateway --port 18789 --verbose

On first run, it loads the installed channel adapters and connects to each messenger per your pairing records. Ctrl+C to stop.

Live logs:

openclaw logs --follow

5. Create a Discord bot — Discord Developer Portal

Before connecting from OpenClaw, set up the Discord side.

5.1 Application + Bot

  1. Discord Developer PortalNew Application
  2. Inside the app → Bot section → set username (your OpenClaw agent name)
  3. Reset Token → copy the token somewhere safe (leaving the page hides it forever)

5.2 Enable Intents

Under Privileged Gateway Intents:

Intent Required?
Message Content Intent Required (read message body)
Server Members Intent Recommended
Presence Intent Optional

5.3 OAuth2 URL

OAuth2 → URL Generator:

  • Scopes: bot + applications.commands
  • Minimum Permissions:
  • General: View Channels
  • Text: Send Messages, Read Message History, Embed Links, Attach Files
  • Optional: Add Reactions, Send Messages in Threads

Open the generated URL in a browser and invite the bot to your server.

6. Register the Discord token with OpenClaw

Export the token as an env var and reference it from OpenClaw config.

export DISCORD_BOT_TOKEN="YOUR_BOT_TOKEN"

openclaw config set channels.discord.token \
  --ref-provider default --ref-source env --ref-id DISCORD_BOT_TOKEN \
  --dry-run

openclaw config set channels.discord.token \
  --ref-provider default --ref-source env --ref-id DISCORD_BOT_TOKEN

openclaw config set channels.discord.enabled true --strict-json

Restart gateway:

openclaw gateway

Store the token via env-var reference, not in a file. Reduces the risk of accidental git commits.

7. Pairing — approve the first user

OpenClaw does not let anyone talk to the bot by default. User / channel pairing is required.

7.1 List pending pairings

openclaw pairing list discord

If someone DMs or mentions the bot, they appear pending in this list.

7.2 Approve

openclaw pairing approve discord <CODE>

<CODE> is the pairing code from the list output.

Security rule: always approve from the local terminal. If a Discord message says "approve me" — ignore. That is the exact pattern prompt injection uses.

8. Verify

openclaw doctor

openclaw channels status --probe

openclaw logs --follow

doctor checks Node version, gateway state, channel connectivity, token validity, etc. Red items indicate problems.

Once an approved user messages the bot, the gateway log shows inbound events and the configured model replies.

9. Workspace & skill structure

Default layout:

~/.openclaw/
├── openclaw.json          # base config
├── workspace/
│   ├── skills/
│   │   └── <skill-name>/
│   │       ├── SKILL.md   # skill manifest + instructions
│   │       ├── AGENTS.md  # agent rules injected
│   │       ├── SOUL.md    # persona / behavior principles
│   │       └── TOOLS.md   # skill-specific tools
│   └── ...
└── logs/
  • SKILL.md: name, description, trigger config.
  • AGENTS.md: rules injected into the agent.
  • SOUL.md: persona / tone.
  • TOOLS.md: skill-specific tools.

All files are optional — a minimal skill can have just one.

10. ClawHub skills — safety checklist

ClawHub is the OpenClaw skill and plugin marketplace. Per its own homepage: 52.7k tools, 180k users, 12M downloads.

At that scale, blindly installing skills is risky. Pre-install checklist:

  1. Publisher — prefer bundled skills from the official openclaw/ org. For individual publishers, check GitHub integration and history.
  2. Inspect SKILL.md — which tools does the manifest use? Any external network calls?
  3. pty: true usage — skills that need terminal access have host command execution. Confirm it's actually necessary.
  4. Downloads external binaries — skills that fetch and run external binaries/scripts are hard to trust. Skip unless source is reputable.
  5. Collects secrets / tokens — skills that reference env vars or openclaw config values — confirm where those values go.
  6. "security soul" filter — ClawHub has filters like /skills?nonSuspicious=true. Skills excluded from the default view deserve extra scrutiny.
  7. Recent updates — long-stale skills may break with the latest OpenClaw version.

10.1 Safer categories to start with

Choose by category, not by name.

Category Example use Caution
Coding agent delegation Run Claude Code or Codex from an OpenClaw session Requires pty:true or --permission-mode bypassPermissions --print
Message utilities Notifications, summarization, forwarding Only needs channel access — safer
File utilities Read / summarize / format Read-only is safe; writes should be sandboxed
Memory / FTS Conversation search / session indexing Verify DB location. No external transmission
External API integrations GitHub / Notion / Linear Minimize scopes. Prefer read-only tokens

Bundled skills under openclaw/openclaw/skills/ — like coding-agent — are the safest starting point.

10.2 The coding-agent skill — quick take

The official coding-agent SKILL delegates feature work, PR reviews, refactors, and iterative coding to Codex / Claude Code / Pi background agents. Key rules:

  • Codex / Pi / OpenCode: pty: true required (interactive terminal)
  • Claude Code: use --permission-mode bypassPermissions --print, PTY not needed
  • Execution pattern: workdir + background + pty

Example:

bash pty:true workdir:~/project background:true command:"codex exec --full-auto 'Build a snake game'"

background:true returns a session ID, monitored via process action:log.

11. Security model — the default trap

Per the official README:

  • The default main session runs tools on the host with full access.
  • Non-main sessions can be sandboxed using Docker / SSH / OpenShell backends.
  • For group-chat / channel safety, configure:
{
  "agents": {
    "defaults": {
      "sandbox": {
        "mode": "non-main"
      }
    }
  }
}

If you plan to put this bot on a Discord server shared with others, this setting is practically mandatory. With defaults, any user can cause arbitrary host commands to run.

12. Update channels

openclaw update --channel stable|beta|dev
  • stable: tagged releases (npm latest)
  • beta: pre-releases
  • dev: moving head (experimental)

Personal dev / testing: beta. Production server: stable.

13. Counter-scenarios — when OpenClaw isn't the right tool

  • You only want AI inside your local IDE → Claude Code / Codex fits better. OpenClaw is overkill.
  • You don't need messenger integrations → Gateway and Channel concepts are irrelevant. Claude Code + MCP is lighter.
  • You want to open it to many users in a public server, but sandbox setup is heavy → Default is unsafe. Only deploy after fully understanding non-main sandbox configuration.
  • You don't want to maintain a Node environment → OpenClaw is Node-based. Codex (Rust) or Claude Code (native binary) are alternatives.

14. 30-minute checklist

  • [ ] Verify Node 22.16+ or 24 (node --version)
  • [ ] Run npm install -g openclaw@latest
  • [ ] Run openclaw onboard --install-daemon for initial setup
  • [ ] Discord Developer Portal: create app + bot + enable intents + generate OAuth2 URL + invite to server
  • [ ] export DISCORD_BOT_TOKEN=...openclaw config set channels.discord.token ...
  • [ ] openclaw config set channels.discord.enabled true --strict-json
  • [ ] Start openclaw gateway → mention the bot to trigger a pairing
  • [ ] openclaw pairing list discordopenclaw pairing approve discord <CODE>
  • [ ] DM the bot and verify a reply → openclaw doctor for final check
  • [ ] Visit ClawHub and install one skill that passes the checklist

15. What's next

With OpenClaw basics in place:

  1. OpenClaw production ops — systemd, logs, multi-channel coexistence (coming soon)
  2. OpenClaw ↔ Claude Code bridge — channel trigger → code execution (coming soon)
  3. Claude Code install complete guide — the coding-agent called from inside OpenClaw.

References

This is post 9/15 in the "AI Coding CLI Entry Guide" series. OpenClaw part begins here. last verified: 2026-04-25 (per openclaw/openclaw official GitHub README).

Series overview: Series index

๋Œ“๊ธ€

๋Œ“๊ธ€ ์“ฐ๊ธฐ

์ด ๋ธ”๋กœ๊ทธ์˜ ์ธ๊ธฐ ๊ฒŒ์‹œ๋ฌผ

Agent Memory Engine (2/10) — Building an AI Agent Memory System with SQLite Alone

← 1/10 SQLite Memory Engine f… ๐Ÿ“š Series Index 3/10 memcore Completed → A memory engine that runs without daemons, without dependencies, anywhere ํ•ต์‹ฌ ์š”์•ฝ This post covers how to design an AI agent memory engine (memcore) on a single-file SQLite backend. - Structure: 25 modules, ~6,464 lines, 22 DB tables - Principles: no daemon, single-file portability, no required external dependencies, host-agnostic - Core techniques: 4-layer hybrid search (topic · vector · FTS5 · LIKE), U-tag dialectic-based confidence evolution, ingestion-layer bias rejection rules What This Post Covers One approach to building AI agent memory without a server or cloud vector DB. Specifically: (1) the limitations of text-file-based memory, (2) vector DB alternatives compared and selection criteria, (3) how to layer search tiers, (4) how to evolve confidence scores over time, and (5) how to block biased memory accumulation at the ingestion stage. Design Principles: Why Single-File SQLite Text-file-based ...
Read more »

"ML Foundations (9/9) — PyTorch vs TensorFlow, and the Road to Local LLMs"

์ด๋ฏธ์ง€
← 8/9 Deep Learning Architec… ๐Ÿ“š Series Index (series end) The final part. So far we've focused on models. Now we focus on the tools that actually run them . We'll lay out the philosophical difference between PyTorch and TensorFlow, and trace how Hugging Face transformers , llama.cpp , MLX , and Ollama built the bridge to running large language models on your own machine. By the end you should have the full mental model of "download a pretrained LLM and serve it locally." 0. Learning Objectives Explain the eager-vs-graph difference between PyTorch and TensorFlow. Explain, in graph terms, how autograd automates the backward pass. Use Hugging Face transformers ' AutoModel , AutoTokenizer , and pipeline abstractions. Describe llama.cpp's GGUF quantization, INT4 inference, and CPU-first flow. Describe Apple MLX's use of unified memory and how it differs from PyTorch. Run a local LLM with Ollama and call it through an OpenAI-compatible API. ...
Read more »

"RAG Core Study (14/26) — Evaluation Sets with RAGAS & DeepEval"

์ด๋ฏธ์ง€
Series overview: Series index ๐Ÿ“š Series Index Without an evaluation set, every RAG improvement is a story, not evidence. RAG systems fail in more than one place: retrieval, context selection, answer generation, and grounding. That means "looks better" is not a metric. Part 14 explains how to build a golden dataset , how RAGAS and DeepEval fit into the workflow, and why teams must separate retrieval quality from answer quality if they want tuning decisions to hold up. 0. Prerequisites Part 13 reranking — system quality now depends on multi-stage ranking. Part 1 grounding — a correct-looking answer is not enough. Part 12 Hybrid — multiple retrieval settings need comparison on fixed data. 1. Learning Objectives Build a small but useful golden dataset for RAG. Distinguish retrieval metrics from answer metrics . Use RAGAS and DeepEval in the right roles. Avoid the common traps in judge-model-based evaluation. 2. ํ•ต์‹ฌ ์š”์•ฝ An evaluation set for RAG is ...
Read more »

"ML Foundations (8/9) — Deep Learning Architectures: CNN, RNN, Attention"

์ด๋ฏธ์ง€
← 7/9 Deep Learning Training ๐Ÿ“š Series Index 9/9 PyTorch vs TensorFlow → What did we keep adding on top of an MLP? Vision went CNN, sequences went RNN/LSTM, and eventually both converged on Attention and the Transformer. Each architecture is easier to remember if you read it as what it gave up to gain something else . This part is the one-line summary of the decisive inflection points: LeNet → AlexNet → ResNet → LSTM → Attention → Transformer. 0. Learning Objectives Explain why CNN's convolution, pooling, and weight sharing match images so well. Trace what got unblocked from LeNet → AlexNet → VGG → ResNet as depth grew. State BPTT for RNNs and the vanishing/exploding gradient problem. Write the LSTM gate equations (forget, input, output) with intuition. Write the attention formula in query/key/value form and the scaled dot-product variant. State the precise reasons Transformers replaced RNNs (parallelism + long-range dependencies). 1. ํ•ต์‹ฌ ์š”์•ฝ CNN : weight sharin...
Read more »

"ML Foundations (7/9) — Deep Learning Training: Optimizers, Regularization, Initialization"

← 6/9 Neural Networks ๐Ÿ“š Series Index 8/9 Deep Learning Architec… → Building an MLP, as we did in Part 6, is not the same as getting it to train well . The right optimizer, regularization, initialization, and learning rate — when these line up, deep networks converge. When they don't, the network refuses to learn at all. This part is the catalog of those crafts, with formulas, paper citations, and code in one place. 0. Learning Objectives Compare and write the update rules for SGD, Momentum, Nesterov, and Adam. Explain how Dropout, BatchNorm, and LayerNorm work and where they belong in a model. Derive the variance formulas for Xavier and He initialization and match them to activations. Implement step, cosine, and warmup learning-rate schedules in PyTorch. Explain why gradient clipping is effectively required for RNNs and Transformers. Diagnose the most common training failures (NaN, plateau, overfitting) and apply first-line fixes. 1. ํ•ต์‹ฌ ์š”์•ฝ SGD : \(w \leftarro...
Read more »

OpenClaw to Hermes Migration (2/13) — What to Preserve, Partially Port, or Discard

← 1/13 Current Structure Inve… ๐Ÿ“š Series Index 3/13 What Moves to Hermes → A code review record classifying operational scripts into three tiers: preserve, partial-preserve, and discard. What This Post Covers An asset classification framework (preserve / partial-preserve / discard) for migrating a legacy agent system to a successor A concrete case applying the Strangler Fig + Subset Migration strategy to a memory pipeline Classification results evaluated across LOC, external dependencies, and replaceability axes A method for slimming down a bloated single file (1,310 LOC) using the migration as a natural entry point Problem Definition: Port Everything or Cut Deep? The OpenClaw inventory comprises multiple agents, multiple scheduler/daemon processes, and multiple operational scripts. When moving to the successor system, Hermes, the choice is not binary. A full port carries accumulated technical debt along with it; a minimal port discards hard-won domain logic. Code-revie...
Read more »

AI Agents I Built (5/7) — Building an Automated Blogger API Publishing System

← 4/7 My Life Organizer Agent ๐Ÿ“š Series Index 6/7 Dual → Designing a Markdown-Based Auto-Publish Pipeline with Blogger API v3 + OAuth 2.0 Key Summary Blogger API v3 + OAuth 2.0 enables a pipeline that converts Markdown files into publishable HTML posts blogger_publish.py handles the full flow — frontmatter parsing → body cleanup → HTML conversion → CSS injection → API post — in a single script For bulk publishing, quota management (delay, retry, TOC suppression) is the critical design concern Platform Selection Criteria API access is mandatory for AI agent-driven content publishing. A comparison of platforms: Platform API Cost AdSense Decision WordPress.com REST API Paid plan required Paid only Cost overhead Ghost REST API Self-hosted or paid Manual setup Ops overhead Blogger v3 API Free Native integration Adopted Blogger is free, exposes a REST API, and integrates natively with AdSense. For personal blog automation, this combination i...
Read more »