My OpenClaw setup that finally works (Complete Walkthrough)

What It Covers

Moritz Kremb walks through a 10-step system for optimizing OpenClaw, the open-source personal agent framework, covering setup troubleshooting, memory persistence, model configuration with fallback chains, security hardening, and two real-world production systems: an automated short-form video content pipeline and a conversational CRM built on Google Sheets, Gmail, and calendar integrations.

Key Questions Answered

• •Troubleshooting Baseline: Before configuring anything else, create a dedicated "OpenClaw Support" project inside Claude or ChatGPT, then upload a compressed copy of the OpenClaw documentation sourced from context7.com. This gives the AI grounded, accurate answers instead of hallucinated solutions. Kremb reports this single step resolves roughly 99% of setup errors that previously sent users to unreliable Reddit threads and outdated forum posts.
• •Personalization Files: OpenClaw installs a workspace folder containing five core markdown files: agents.md (agent behavior), soul.md (personality), identity.md (character), user.md (personal context), and memory.md (long-term recall). Populating these files thoroughly at setup dramatically improves output quality. Whenever the agent does something right or wrong, instruct it to update the relevant file immediately to lock in that preference going forward.
• •Memory Persistence Fix: OpenClaw does not create memory.md by default, so users must manually instruct the agent to create it. Enable two settings — compaction memory flush and experimental session memory — so context is written to disk before the context window compacts. Add a heartbeat instruction to check and write a daily memory file every 30 minutes, preventing information loss across long sessions and multi-day workflows.
• •Model Configuration and Fallback Chain: Avoid expensive per-request API billing by authenticating via the OAuth method using an existing $20 OpenAI subscription as the primary model. Set a second $20 Anthropic subscription as fallback, then add OpenRouter or Kill Gateway as a third tier for open-source model access. Switching models via a single Telegram command like "models" keeps the agent operational when any primary provider experiences downtime or rate limits.
• •Security Hardening: Run OpenClaw on a local Mac rather than a VPS to reduce attack surface, since local machines benefit from OS-level security hardening. Store all API keys in a single .env file outside the workspace directory. Add a prompt-injection warning inside agents.md instructing the agent to reject commands arriving through external channels like email. Use the strongest available model tier, as higher-capability models are measurably more resistant to prompt-injection attacks.
• •Heartbeat and Cron Stability: The heartbeat.md file executes every 30 minutes and should contain only three focused tasks: memory maintenance, to-do list auto-update, and a cron health check that detects and retriggers any failed scheduled jobs. Keeping heartbeat instructions minimal controls token consumption since the file runs continuously. Cron jobs currently lack reliability in OpenClaw, making the built-in health check inside heartbeat essential for any time-sensitive automated workflow.