TL;DR: 358,890 GitHub stars. 72,986 forks. One TypeScript app that lets AI agents run your terminal, send WhatsApp messages, and execute shell commands autonomously. But 42,900 instances are exposed online with no default authentication.
What Is OpenClaw?
OpenClaw is a self-hosted, open-source personal AI assistant framework that connects to your messaging apps (WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Teams, Matrix) and gives AI agents direct shell command execution on your machine.
Created by Peter Steinberger (PSPDFKit founder) in January 2026, it became one of the fastest-growing open-source projects ever, reaching 358K+ stars in just months.
Technical Architecture
OpenClaw runs a 5-component architecture:
| Component | Function |
|---|---|
| Channel Adapters | Parse messages from WhatsApp/Slack/etc. |
| Control Interfaces | Web UI, CLI, macOS app |
| Gateway Control Plane | WebSocket hub on port 18789 |
| Agent Runtime | Session resolution, context assembly |
| Canvas/A2UI | Rich content rendering |
Tech Stack: TypeScript, WebSocket gateway, AgentSkills standard.
Supported Models: Claude Opus 4.6, GPT, DeepSeek, MiniMax, Gemini, Qwen, and local models via Ollama/LMStudio.
Installation
curl -fsSL https://openclaw.ai/install.sh | bash
Requirements: Node.js v22+ (breaks silently on older versions), API key for LLM provider.
Key Features
| Feature | Description |
|---|---|
| Multi-Channel Persistence | Same agent across WhatsApp, Slack, Telegram, Discord |
| Shell Command Execution | Direct terminal access for AI agents |
| Persistent Memory | Context survives across conversations |
| 700+ ClawHub Skills | Tesla, Gmail, GitHub automation pre-built |
| Cron Jobs & Heartbeats | 24/7 autonomous background tasks |
| Voice Integration | Whisper transcription support |
| Multi-Agent Routing | Isolated workspaces for different tasks |
| MIT License | Free and open source |
Competitor Comparison
| Aspect | OpenClaw | Open WebUI | AutoGPT |
|---|---|---|---|
| Purpose | AI agent framework | Chat interface | Autonomous agent |
| Stars | 358K+ | 60K+ | 160K+ |
| Auth | None by default | Built-in | N/A |
| Execution | Direct shell | Plugin-based | Simulated |
| Setup | Single command | Docker | Python pip |
Key Difference: OpenClaw executes commands directly (efficient, risky). AutoGPT simulates execution (safer, slower).
Community Sentiment
Positive
- Andrej Karpathy: "The most incredible sci-fi takeoff-adjacent thing I've seen"
- "First time I've felt like I'm living in the future since ChatGPT launch"
- 700+ attendees at ClawCon SF
Critical
- "OpenClaw is a security nightmare" - Ars Technica investigation found 42,900 exposed instances
- "OVERHYPED" - Some users find it unnecessary after testing
- Corporate bans emerging due to security concerns
Model Ratings from Community:
- Qwen3.6: 9/10 (best balance)
- GLM5.1: 8/10 (strong reasoning)
- MiniMax2.7: 8/10 (fast, capable)
- Claude Opus: 7/10 (expensive but good)
Security Vulnerabilities
Critical CVEs:
- CVE-2026-33579 (CVSS 8.1-9.8): Privilege escalation
- CVE-2026-25253 (CVSS 8.8): Remote code execution
- CVE-2026-26326: Information disclosure
Risks:
- No default authentication
- 42,900 exposed instances online
- Supply chain risk from 700+ community skills
- Prompt injection potential
- Credential theft possible
- No audit logging
Performance Metrics
| Metric | Value |
|---|---|
| Max Concurrent Users (P95 <5s) | ~40 on 2C/4G |
| Max Throughput | ~12 req/s |
| Memory Usage | ~1.2GB / 4GB |
| Enterprise Goal: Task Completion | >=85% |
| Enterprise Goal: Tool Error Rate | <=5% |
The Bottom Line
OpenClaw is revolutionary but high-risk. It offers unprecedented AI agent capabilities with multi-channel persistence and self-improvement, but security vulnerabilities make it dangerous for enterprise use without careful configuration.
For personal use: Exceptional productivity boost if you configure authentication and run behind a firewall.
For enterprise: Needs security audit, VPN, and authentication before deployment.
GitHub: https://github.com/openclaw/openclaw Website: https://openclaw.ai