Omni-Channel Gateway
One agent, every platform. Slack, WhatsApp, iMessage, Web β the agent is reachable everywhere. Give it a task, walk away. It notifies you when it is done.
The Foundation
What is OpenClaw?
OpenClaw is an open-source AI agent orchestration middleware built on top of pi-agent. It transforms a command-line coding assistant into a persistent, always-on digital worker.
While a regular AI assistant forgets everything after a conversation ends, OpenClaw agents run continuously β they remember, they learn, and they can be reached through any messaging platform.
Core Capabilities
What OpenClaw can do
Persistent Workspace
Each agent has its own workspace that survives across sessions. A message from your phone precisely acts on a long-running server process thousands of miles away.
Docs-as-Code Brain
SOUL.md defines personality. AGENTS.md defines rules. MEMORY.md stores long-term memory. All plain Markdown files β no code required to customize an agent.
Zero-Code Skill Engine
Drop a script and a README into a folder. The agent learns the new skill instantly. No source code changes, no redeployment.
Guardrails & SOP Enforcement
Constrain agent behavior through declarative rules. Exceptions are automatically fed back as corrective signals, driving self-repair loops.
Research Motivation
Why I chose OpenClaw for this research
Declarative Agent Creation
Creating a new agent requires zero code changes to the runtime. Define behavior in Markdown files (SOUL.md, AGENTS.md), register configuration in openclaw.json β model selection, tool permissions, spawn permissions. Different agents get different permission levels and capability scopes.
Native Multi-Agent Support
A primary agent can dynamically spawn child agents, each with isolated workspaces and independent permissions. This makes it trivial to build and test multi-agent systems β ideal for researching agent collaboration, task delegation, and security isolation.
Self-Modifying Architecture
Agents can modify their own configuration files at runtime β updating memory, behavior rules, and operational procedures. New capabilities (skills, MCP servers) are hot-pluggable without restart. This creates a living system ideal for studying emergent behaviors and rapid prototyping.
Unique Security Surface
An OpenClaw deployment combines the attack surface of a traditional operating system (file system access, shell execution, privilege management) with novel LLM risks (prompt injection, unintended tool use, hallucination-driven actions). This intersection β where OS security meets AI safety β is underexplored and forms the core of the Claw-Stack research agenda.
- Prompt injection leading to unintended agent actions
- Privilege escalation through tool chain exploitation
- Memory poisoning affecting long-term decision quality
- Trust establishment in multi-agent hierarchies
- Legitimate tool use producing unintended destructive effects