mirror of
https://github.com/openclaw/openclaw.git
synced 2026-04-03 13:22:14 +00:00
bf6f506dfa
* feat: add QQ Bot channel extension * fix(qqbot): add setupWizard to runtime plugin for onboard re-entry * fix: fix review * fix: fix review * chore: sync lockfile and config-docs baseline for qqbot extension * refactor: 移除图床服务器相关代码 * fix * docs: 新增 QQ Bot 插件文档并修正链接路径 * refactor: remove credential backup functionality and update setup logic - Deleted the credential backup module to streamline the codebase. - Updated the setup surface to handle client secrets more robustly, allowing for configured secret inputs. - Simplified slash commands by removing unused hot upgrade compatibility checks and related functions. - Adjusted types to use SecretInput for client secrets in QQBot configuration. - Modified bundled plugin metadata to allow additional properties in the config schema. * feat: 添加本地媒体路径解析功能,修正 QQBot 媒体路径处理 * feat: 添加本地媒体路径解析功能,修正 QQBot 媒体路径处理 * feat: remove qqbot-media and qqbot-remind skills, add tests for config and setup - Deleted the qqbot-media and qqbot-remind skills documentation files. - Added unit tests for qqbot configuration and setup processes, ensuring proper handling of SecretRef-backed credentials and account configurations. - Implemented tests for local media path remapping, verifying correct resolution of media file paths. - Removed obsolete channel and remind tools, streamlining the codebase. * feat: 更新 QQBot 配置模式,添加音频格式和账户定义 * feat: 添加 QQBot 频道管理和定时提醒技能,更新媒体路径解析功能 * fix * feat: 添加 /bot-upgrade 指令以查看 QQBot 插件升级指引 * feat: update reminder and qq channel skills * feat: 更新remind工具投递目标地址格式 * feat: Refactor QQBot payload handling and improve code documentation - Simplified and clarified the structure of payload interfaces for Cron reminders and media messages. - Enhanced the parsing function to provide clearer error messages and improved validation. - Updated platform utility functions for better cross-platform compatibility and clearer documentation. - Improved text parsing utilities for better readability and consistency in emoji representation. - Optimized upload cache management with clearer comments and reduced redundancy. - Integrated QQBot plugin into the bundled channel plugins and updated metadata for installation. * OK apps/macos/Sources/OpenClaw/HostEnvSecurityPolicy.generated.swift > openclaw@2026.3.26 check:bundled-channel-config-metadata /Users/yuehuali/code/PR/openclaw > node --import tsx scripts/generate-bundled-channel-config-metadata.ts --check [bundled-channel-config-metadata] stale generated output at src/config/bundled-channel-config-metadata.generated.ts ELIFECYCLE Command failed with exit code 1. ELIFECYCLE Command failed with exit code 1. * feat: 添加 QQBot 渠道配置及相关账户设置 * fix(qqbot): resolve 14 high-priority bugs from PR #52986 review DM routing (7 fixes): - #1: DM slash-command replies use sendDmMessage(guildId) instead of sendC2CMessage(senderId) - #2: DM qualifiedTarget uses qqbot:dm:${guildId} instead of qqbot:c2c:${senderId} - #3: sendTextChunks adds DM branch - #4: sendMarkdownReply adds DM branch for text and Base64 images - #5: parseAndSendMediaTags maps DM to targetType:dm + guildId - #6: sendTextToTarget DM branch uses sendDmMessage; MessageTarget adds guildId field - #7: handleImage/Audio/Video/FilePayload add DM branches Other high-priority fixes: - #8: Fix sendC2CVoiceMessage/sendGroupVoiceMessage parameter misalignment - #9: broadcastMessage uses groupOpenid instead of member_openid for group users - #10: Unify KnownUser storage - proactive.ts delegates to known-users.ts - #11: Remove invalid recordKnownUser calls for guild/DM users - #12: sendGroupMessage uses sendAndNotify to trigger onMessageSent hook - #13: sendPhoto channel unsupported returns error field - #14: sendTextAfterMedia adds channel and dm branches Type fixes: - DeliverEventContext adds guildId field - MediaTargetContext.targetType adds dm variant - sendPlainTextReply imgMediaTarget adds DM branch * fix(qqbot): resolve 2 blockers + 7 medium-priority bugs from PR #52986 review Blocker-1: Remove unused dmPolicy config knob - dmPolicy was declared in schema/types/plugin.json but never consumed at runtime - Removed from config-schema.ts, types.ts, and openclaw.plugin.json - allowFrom remains active (already wired into framework command-auth) Blocker-2: Gate sensitive slash commands with allowFrom authorization - SlashCommand interface adds requireAuth?: boolean - SlashCommandContext adds commandAuthorized: boolean - /bot-logs set to requireAuth: true (reads local log files) - matchSlashCommand rejects unauthorized senders for requireAuth commands - trySlashCommandOrEnqueue computes commandAuthorized from allowFrom config Medium-priority fixes: - #15: Strip non-HTTP/non-local markdown image tags to prevent path leakage - #16: applyQQBotAccountConfig clears clientSecret when setting clientSecretFile and vice versa - #17: getAdminMarkerFile sanitizes accountId to prevent path traversal - #18: URGENT_COMMANDS uses exact match instead of startsWith prefix match - #19: isCronExpression validates each token starts with a cron-valid character - #20: --token format validation rejects malformed input without colon separator - #21: resolveDefaultQQBotAccountId checks QQBOT_APP_ID environment variable * test(qqbot): add focused tests for slash command authorization path - Unauthorized sender rejected for /bot-logs (requireAuth: true) - Authorized sender allowed for /bot-logs - Non-requireAuth commands (/bot-ping, /bot-help, /bot-version) work for all senders - Unknown slash commands return null (passthrough) - Non-slash messages return null - Usage query (/bot-logs ?) also gated by auth check * fix(qqbot): align global TTS fallback with framework config resolution - Extract isGlobalTTSAvailable to utils/audio-convert.ts, mirroring core resolveTtsConfig logic: check auto !== 'off', fall back to legacy enabled boolean, default to off when neither is set. - Add pre-check in reply-dispatcher before calling globalTextToSpeech to avoid unnecessary TTS calls and noisy error logs when TTS is not configured. - Remove inline as any casts; use OpenClawConfig type throughout. - Refactor handleAudioPayload into flat early-return structure with unified send path (plugin TTS → global fallback → send). * fix(qqbot): break ESM circular dependency causing multi-account startup crash The bundled gateway chunk had a circular static import on the channel chunk (gateway -> outbound-deliver -> channel, while channel dynamically imports gateway). When two accounts start concurrently via Promise.all, the first dynamic import triggers module graph evaluation; the circular reference causes api exports (including runDiagnostics) to resolve as undefined before the module finishes evaluating. Fix: extract chunkText and TEXT_CHUNK_LIMIT from channel.ts into a new text-utils.ts leaf module. outbound-deliver.ts now imports from text-utils.ts, breaking the cycle. channel.ts re-exports for backward compatibility. * fix(qqbot): serialize gateway module import to prevent multi-account startup race When multiple accounts start concurrently via Promise.all, each calls await import('./gateway.js') independently. Due to ESM circular dependencies in the bundled output, the first import can resolve transitive exports as undefined before module evaluation completes. Fix: cache the dynamic import promise in a module-level variable so all concurrent startAccount calls share the same import, ensuring the gateway module is fully evaluated before any account uses it. * refactor(qqbot): remove startup greeting logic Remove getStartupGreetingPlan and related startup greeting delivery: - Delete startup-greeting.ts (greeting plan, marker persistence) - Delete admin-resolver.ts (admin resolution, greeting dispatch) - Remove startup greeting calls from gateway READY/RESUMED handlers - Remove isFirstReadyGlobal flag and adminCtx * fix(qqbot): skip octal escape decoding for Windows local paths Windows paths like C:\Users\1\file.txt contain backslash-digit sequences that were incorrectly matched as octal escape sequences and decoded, corrupting the file path. Detect Windows local paths (drive letter or UNC prefix) and skip the octal decoding step for them. * fix bot issue * feat: 支持 TTS 自动开关并清理配置中的 clientSecretFile * docs: 添加 QQBot 配置和消息处理的设计说明 * rebase * fix(qqbot): align slash-command auth with shared command-auth model Route requireAuth:true slash commands (e.g. /bot-logs) through the framework's api.registerCommand() so resolveCommandAuthorization() applies commands.allowFrom.qqbot precedence and qqbot: prefix normalization before any handler runs. - slash-commands.ts: registerCommand() now auto-routes by requireAuth into two maps (commands / frameworkCommands); getFrameworkCommands() exports the auth-required set for framework registration; bot-help lists both maps - index.ts: registerFull() iterates getFrameworkCommands() and calls api.registerCommand() for each; handler derives msgType from ctx.from, sends file attachments via sendDocument, supports multi-account via ctx.accountId - gateway.ts (inbound): replace raw allowFrom string comparison with qqbotPlugin.config.formatAllowFrom() to strip qqbot: prefix and uppercase before matching event.senderId - gateway.ts (pre-dispatch): remove stale auth computation; commandAuthorized is true (requireAuth:true commands never reach matchSlashCommand) - command-auth.test.ts: add regression tests for qqbot: prefix normalization in the inbound commandAuthorized computation - slash-commands.test.ts: update /bot-logs tests to expect null (command routed to framework, not in local registry) * rebase and solve conflict * fix(qqbot): preserve mixed env setup credentials --------- Co-authored-by: yuehuali <yuehuali@tencent.com> Co-authored-by: walli <walli@tencent.com> Co-authored-by: WideLee <limkuan24@gmail.com> Co-authored-by: Frank Yang <frank.ekn@gmail.com>
🦞 OpenClaw — Personal AI Assistant
EXFOLIATE! EXFOLIATE!
OpenClaw is a personal AI assistant you run on your own devices. It answers you on the channels you already use (WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, iMessage, BlueBubbles, IRC, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, Nostr, Synology Chat, Tlon, Twitch, Zalo, Zalo Personal, WeChat, WebChat). It can speak and listen on macOS/iOS/Android, and can render a live Canvas you control. The Gateway is just the control plane — the product is the assistant.
If you want a personal, single-user assistant that feels local, fast, and always-on, this is it.
Website · Docs · Vision · DeepWiki · Getting Started · Updating · Showcase · FAQ · Onboarding · Nix · Docker · Discord
Preferred setup: run openclaw onboard in your terminal.
OpenClaw Onboard guides you step by step through setting up the gateway, workspace, channels, and skills. It is the recommended CLI setup path and works on macOS, Linux, and Windows (via WSL2; strongly recommended).
Works with npm, pnpm, or bun.
New install? Start here: Getting started
Sponsors
| OpenAI | Vercel | Blacksmith | Convex |
|---|---|---|---|
 |
 |
 |
 |
Subscriptions (OAuth):
- OpenAI (ChatGPT/Codex)
Model note: while many providers/models are supported, for the best experience and lower prompt-injection risk use the strongest latest-generation model available to you. See Onboarding.
Models (selection + auth)
- Models config + CLI: Models
- Auth profile rotation (OAuth vs API keys) + fallbacks: Model failover
Install (recommended)
Runtime: Node 24 (recommended) or Node 22.16+.
npm install -g openclaw@latest
# or: pnpm add -g openclaw@latest
openclaw onboard --install-daemon
OpenClaw Onboard installs the Gateway daemon (launchd/systemd user service) so it stays running.
Quick start (TL;DR)
Runtime: Node 24 (recommended) or Node 22.16+.
Full beginner guide (auth, pairing, channels): Getting started
openclaw onboard --install-daemon
openclaw gateway --port 18789 --verbose
# Send a message
openclaw message send --to +1234567890 --message "Hello from OpenClaw"
# Talk to the assistant (optionally deliver back to any connected channel: WhatsApp/Telegram/Slack/Discord/Google Chat/Signal/iMessage/BlueBubbles/IRC/Microsoft Teams/Matrix/Feishu/LINE/Mattermost/Nextcloud Talk/Nostr/Synology Chat/Tlon/Twitch/Zalo/Zalo Personal/WeChat/WebChat)
openclaw agent --message "Ship checklist" --thinking high
Upgrading? Updating guide (and run openclaw doctor).
Development channels
- stable: tagged releases (
vYYYY.M.DorvYYYY.M.D-<patch>), npm dist-taglatest. - beta: prerelease tags (
vYYYY.M.D-beta.N), npm dist-tagbeta(macOS app may be missing). - dev: moving head of
main, npm dist-tagdev(when published).
Switch channels (git + npm): openclaw update --channel stable|beta|dev.
Details: Development channels.
From source (development)
Prefer pnpm for builds from source. Bun is optional for running TypeScript directly.
git clone https://github.com/openclaw/openclaw.git
cd openclaw
pnpm install
pnpm ui:build # auto-installs UI deps on first run
pnpm build
pnpm openclaw onboard --install-daemon
# Dev loop (auto-reload on source/config changes)
pnpm gateway:watch
Note: pnpm openclaw ... runs TypeScript directly (via tsx). pnpm build produces dist/ for running via Node / the packaged openclaw binary.
Security defaults (DM access)
OpenClaw connects to real messaging surfaces. Treat inbound DMs as untrusted input.
Full security guide: Security
Default behavior on Telegram/WhatsApp/Signal/iMessage/Microsoft Teams/Discord/Google Chat/Slack:
- DM pairing (
dmPolicy="pairing"/channels.discord.dmPolicy="pairing"/channels.slack.dmPolicy="pairing"; legacy:channels.discord.dm.policy,channels.slack.dm.policy): unknown senders receive a short pairing code and the bot does not process their message. - Approve with:
openclaw pairing approve <channel> <code>(then the sender is added to a local allowlist store). - Public inbound DMs require an explicit opt-in: set
dmPolicy="open"and include"*"in the channel allowlist (allowFrom/channels.discord.allowFrom/channels.slack.allowFrom; legacy:channels.discord.dm.allowFrom,channels.slack.dm.allowFrom).
Run openclaw doctor to surface risky/misconfigured DM policies.
Highlights
- Local-first Gateway — single control plane for sessions, channels, tools, and events.
- Multi-channel inbox — WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, BlueBubbles (iMessage), iMessage (legacy), IRC, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, Nostr, Synology Chat, Tlon, Twitch, Zalo, Zalo Personal, WeChat, WebChat, macOS, iOS/Android.
- Multi-agent routing — route inbound channels/accounts/peers to isolated agents (workspaces + per-agent sessions).
- Voice Wake + Talk Mode — wake words on macOS/iOS and continuous voice on Android (ElevenLabs + system TTS fallback).
- Live Canvas — agent-driven visual workspace with A2UI.
- First-class tools — browser, canvas, nodes, cron, sessions, and Discord/Slack actions.
- Companion apps — macOS menu bar app + iOS/Android nodes.
- Onboarding + skills — onboarding-driven setup with bundled/managed/workspace skills.
Star History
Everything we built so far
Core platform
- Gateway WS control plane with sessions, presence, config, cron, webhooks, Control UI, and Canvas host.
- CLI surface: gateway, agent, send, onboarding, and doctor.
- Pi agent runtime in RPC mode with tool streaming and block streaming.
- Session model:
mainfor direct chats, group isolation, activation modes, queue modes, reply-back. Group rules: Groups. - Media pipeline: images/audio/video, transcription hooks, size caps, temp file lifecycle. Audio details: Audio.
Channels
- Channels: WhatsApp (Baileys), Telegram (grammY), Slack (Bolt), Discord (discord.js), Google Chat (Chat API), Signal (signal-cli), BlueBubbles (iMessage, recommended), iMessage (legacy imsg), IRC, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, Nostr, Synology Chat, Tlon, Twitch, Zalo, Zalo Personal, WeChat (
@tencent-weixin/openclaw-weixin), WebChat. - Group routing: mention gating, reply tags, per-channel chunking and routing. Channel rules: Channels.
Apps + nodes
- macOS app: menu bar control plane, Voice Wake/PTT, Talk Mode overlay, WebChat, debug tools, remote gateway control.
- iOS node: Canvas, Voice Wake, Talk Mode, camera, screen recording, Bonjour + device pairing.
- Android node: Connect tab (setup code/manual), chat sessions, voice tab, Canvas, camera/screen recording, and Android device commands (notifications/location/SMS/photos/contacts/calendar/motion/app update).
- macOS node mode: system.run/notify + canvas/camera exposure.
Tools + automation
- Browser control: dedicated openclaw Chrome/Chromium, snapshots, actions, uploads, profiles.
- Canvas: A2UI push/reset, eval, snapshot.
- Nodes: camera snap/clip, screen record, location.get, notifications.
- Cron + wakeups; webhooks; Gmail Pub/Sub.
- Skills platform: bundled, managed, and workspace skills with install gating + UI.
Runtime + safety
- Channel routing, retry policy, and streaming/chunking.
- Presence, typing indicators, and usage tracking.
- Models, model failover, and session pruning.
- Security and troubleshooting.
Ops + packaging
- Control UI + WebChat served directly from the Gateway.
- Tailscale Serve/Funnel or SSH tunnels with token/password auth.
- Nix mode for declarative config; Docker-based installs.
- Doctor migrations, logging.
How it works (short)
WhatsApp / Telegram / Slack / Discord / Google Chat / Signal / iMessage / BlueBubbles / IRC / Microsoft Teams / Matrix / Feishu / LINE / Mattermost / Nextcloud Talk / Nostr / Synology Chat / Tlon / Twitch / Zalo / Zalo Personal / WeChat / WebChat
│
▼
┌───────────────────────────────┐
│ Gateway │
│ (control plane) │
│ ws://127.0.0.1:18789 │
└──────────────┬────────────────┘
│
├─ Pi agent (RPC)
├─ CLI (openclaw …)
├─ WebChat UI
├─ macOS app
└─ iOS / Android nodes
Key subsystems
- Gateway WebSocket network — single WS control plane for clients, tools, and events (plus ops: Gateway runbook).
- Tailscale exposure — Serve/Funnel for the Gateway dashboard + WS (remote access: Remote).
- Browser control — openclaw‑managed Chrome/Chromium with CDP control.
- Canvas + A2UI — agent‑driven visual workspace (A2UI host: Canvas/A2UI).
- Voice Wake + Talk Mode — wake words on macOS/iOS plus continuous voice on Android.
- Nodes — Canvas, camera snap/clip, screen record,
location.get, notifications, plus macOS‑onlysystem.run/system.notify.
Tailscale access (Gateway dashboard)
OpenClaw can auto-configure Tailscale Serve (tailnet-only) or Funnel (public) while the Gateway stays bound to loopback. Configure gateway.tailscale.mode:
off: no Tailscale automation (default).serve: tailnet-only HTTPS viatailscale serve(uses Tailscale identity headers by default).funnel: public HTTPS viatailscale funnel(requires shared password auth).
Notes:
gateway.bindmust stayloopbackwhen Serve/Funnel is enabled (OpenClaw enforces this).- Serve can be forced to require a password by setting
gateway.auth.mode: "password"orgateway.auth.allowTailscale: false. - Funnel refuses to start unless
gateway.auth.mode: "password"is set. - Optional:
gateway.tailscale.resetOnExitto undo Serve/Funnel on shutdown.
Details: Tailscale guide · Web surfaces
Remote Gateway (Linux is great)
It’s perfectly fine to run the Gateway on a small Linux instance. Clients (macOS app, CLI, WebChat) can connect over Tailscale Serve/Funnel or SSH tunnels, and you can still pair device nodes (macOS/iOS/Android) to execute device‑local actions when needed.
- Gateway host runs the exec tool and channel connections by default.
- Device nodes run device‑local actions (
system.run, camera, screen recording, notifications) vianode.invoke. In short: exec runs where the Gateway lives; device actions run where the device lives.
Details: Remote access · Nodes · Security
macOS permissions via the Gateway protocol
The macOS app can run in node mode and advertises its capabilities + permission map over the Gateway WebSocket (node.list / node.describe). Clients can then execute local actions via node.invoke:
system.runruns a local command and returns stdout/stderr/exit code; setneedsScreenRecording: trueto require screen-recording permission (otherwise you’ll getPERMISSION_MISSING).system.notifyposts a user notification and fails if notifications are denied.canvas.*,camera.*,screen.record, andlocation.getare also routed vianode.invokeand follow TCC permission status.
Elevated bash (host permissions) is separate from macOS TCC:
- Use
/elevated on|offto toggle per‑session elevated access when enabled + allowlisted. - Gateway persists the per‑session toggle via
sessions.patch(WS method) alongsidethinkingLevel,verboseLevel,model,sendPolicy, andgroupActivation.
Details: Nodes · macOS app · Gateway protocol
Agent to Agent (sessions_* tools)
- Use these to coordinate work across sessions without jumping between chat surfaces.
sessions_list— discover active sessions (agents) and their metadata.sessions_history— fetch transcript logs for a session.sessions_send— message another session; optional reply‑back ping‑pong + announce step (REPLY_SKIP,ANNOUNCE_SKIP).
Details: Session tools
Skills registry (ClawHub)
ClawHub is a minimal skill registry. With ClawHub enabled, the agent can search for skills automatically and pull in new ones as needed.
Chat commands
Send these in WhatsApp/Telegram/Slack/Google Chat/Microsoft Teams/WebChat (group commands are owner-only):
/status— compact session status (model + tokens, cost when available)/newor/reset— reset the session/compact— compact session context (summary)/think <level>— off|minimal|low|medium|high|xhigh (GPT-5.2 + Codex models only)/verbose on|off/usage off|tokens|full— per-response usage footer/restart— restart the gateway (owner-only in groups)/activation mention|always— group activation toggle (groups only)
Apps (optional)
The Gateway alone delivers a great experience. All apps are optional and add extra features.
If you plan to build/run companion apps, follow the platform runbooks below.
macOS (OpenClaw.app) (optional)
- Menu bar control for the Gateway and health.
- Voice Wake + push-to-talk overlay.
- WebChat + debug tools.
- Remote gateway control over SSH.
Note: signed builds required for macOS permissions to stick across rebuilds (see macOS Permissions).
iOS node (optional)
- Pairs as a node over the Gateway WebSocket (device pairing).
- Voice trigger forwarding + Canvas surface.
- Controlled via
openclaw nodes ….
Runbook: iOS connect.
Android node (optional)
- Pairs as a WS node via device pairing (
openclaw devices ...). - Exposes Connect/Chat/Voice tabs plus Canvas, Camera, Screen capture, and Android device command families.
- Runbook: Android connect.
Agent workspace + skills
- Workspace root:
~/.openclaw/workspace(configurable viaagents.defaults.workspace). - Injected prompt files:
AGENTS.md,SOUL.md,TOOLS.md. - Skills:
~/.openclaw/workspace/skills/<skill>/SKILL.md.
Configuration
Minimal ~/.openclaw/openclaw.json (model + defaults):
{
agent: {
model: "anthropic/claude-opus-4-6",
},
}
Full configuration reference (all keys + examples).
Security model (important)
- Default: tools run on the host for the main session, so the agent has full access when it’s just you.
- Group/channel safety: set
agents.defaults.sandbox.mode: "non-main"to run non‑main sessions (groups/channels) inside per‑session Docker sandboxes; bash then runs in Docker for those sessions. - Sandbox defaults: allowlist
bash,process,read,write,edit,sessions_list,sessions_history,sessions_send,sessions_spawn; denylistbrowser,canvas,nodes,cron,discord,gateway.
Details: Security guide · Docker + sandboxing · Sandbox config
- Link the device:
pnpm openclaw channels login(stores creds in~/.openclaw/credentials). - Allowlist who can talk to the assistant via
channels.whatsapp.allowFrom. - If
channels.whatsapp.groupsis set, it becomes a group allowlist; include"*"to allow all.
Telegram
- Set
TELEGRAM_BOT_TOKENorchannels.telegram.botToken(env wins). - Optional: set
channels.telegram.groups(withchannels.telegram.groups."*".requireMention); when set, it is a group allowlist (include"*"to allow all). Alsochannels.telegram.allowFromorchannels.telegram.webhookUrl+channels.telegram.webhookSecretas needed.
{
channels: {
telegram: {
botToken: "123456:ABCDEF",
},
},
}
Slack
- Set
SLACK_BOT_TOKEN+SLACK_APP_TOKEN(orchannels.slack.botToken+channels.slack.appToken).
Discord
- Set
DISCORD_BOT_TOKENorchannels.discord.token. - Optional: set
commands.native,commands.text, orcommands.useAccessGroups, pluschannels.discord.allowFrom,channels.discord.guilds, orchannels.discord.mediaMaxMbas needed.
{
channels: {
discord: {
token: "1234abcd",
},
},
}
Signal
- Requires
signal-cliand achannels.signalconfig section.
BlueBubbles (iMessage)
- Recommended iMessage integration.
- Configure
channels.bluebubbles.serverUrl+channels.bluebubbles.passwordand a webhook (channels.bluebubbles.webhookPath). - The BlueBubbles server runs on macOS; the Gateway can run on macOS or elsewhere.
iMessage (legacy)
- Legacy macOS-only integration via
imsg(Messages must be signed in). - If
channels.imessage.groupsis set, it becomes a group allowlist; include"*"to allow all.
Microsoft Teams
- Configure a Teams app + Bot Framework, then add a
msteamsconfig section. - Allowlist who can talk via
msteams.allowFrom; group access viamsteams.groupAllowFromormsteams.groupPolicy: "open".
- Official Tencent plugin via
@tencent-weixin/openclaw-weixin(iLink Bot API). Private chats only; v2.x requires OpenClaw>=2026.3.22. - Install:
openclaw plugins install "@tencent-weixin/openclaw-weixin", thenopenclaw channels login --channel openclaw-weixinto scan the QR code. - Requires the WeChat ClawBot plugin (WeChat > Me > Settings > Plugins); gradual rollout by Tencent.
WebChat
- Uses the Gateway WebSocket; no separate WebChat port/config.
Browser control (optional):
{
browser: {
enabled: true,
color: "#FF4500",
},
}
Docs
Use these when you’re past the onboarding flow and want the deeper reference.
- Start with the docs index for navigation and “what’s where.”
- Read the architecture overview for the gateway + protocol model.
- Use the full configuration reference when you need every key and example.
- Run the Gateway by the book with the operational runbook.
- Learn how the Control UI/Web surfaces work and how to expose them safely.
- Understand remote access over SSH tunnels or tailnets.
- Follow OpenClaw Onboard for a guided setup.
- Wire external triggers via the webhook surface.
- Set up Gmail Pub/Sub triggers.
- Learn the macOS menu bar companion details.
- Platform guides: Windows (WSL2), Linux, macOS, iOS, Android
- Debug common failures with the troubleshooting guide.
- Review security guidance before exposing anything.
Advanced docs (discovery + control)
Operations & troubleshooting
Deep dives
Workspace & skills
- Skills config
- Default AGENTS
- Templates: AGENTS
- Templates: BOOTSTRAP
- Templates: IDENTITY
- Templates: SOUL
- Templates: TOOLS
- Templates: USER
Platform internals
Email hooks (Gmail)
Molty
OpenClaw was built for Molty, a space lobster AI assistant. 🦞 by Peter Steinberger and the community.
Community
See CONTRIBUTING.md for guidelines, maintainers, and how to submit PRs. AI/vibe-coded PRs welcome! 🤖
Special thanks to Mario Zechner for his support and for pi-mono. Special thanks to Adam Doppelt for lobster.bot.
Thanks to all clawtributors:
![clawdinator[bot]](https://avatars.githubusercontent.com/in/2607181?v=4&s=48 "clawdinator[bot]"){kind=small}
![google-labs-jules[bot]](https://avatars.githubusercontent.com/in/842251?v=4&s=48 "google-labs-jules[bot]"){kind=small}
