The OpenClaw Mastery Guide

Build a sponsor inbox pipeline with multi-account email support. Create per-account config JSON files with sender identity, rubric weights, and CRM mapping. Set up a cron job every 10 minutes using Go CLI for Gmail API access. Implement lazy backfill to fetch historical threads for new sender domains. For every inbound email: (1) quarantine in isolated sandbox, (2) run deterministic sanitizer for prompt injection patterns, (3) Frontier scan with best available model, (4) if clean, score against editable rubric with 5 dimensions — Fit, Clarity, Budget Signal, Seriousness, Company Trust — each weighted. Apply Gmail labels matching score tier. Track deal stage locally in SQLite AND sync to HubSpot via API. Draft context-aware replies using Opus 4.6 with humanizer skill — never send template responses. Research every sender: validate company website, check reviews, look up team members on LinkedIn. If confidence score < 60%, escalate to Telegram with full reasoning for human review. Store all scored emails with embeddings for future cross-reference with CRM and knowledge base.

Create an editable email scoring rubric with 5 weighted dimensions: Fit (does this match our niche?), Clarity (is the ask specific?), Budget Signal (do they mention budget/deliverables?), Seriousness (professional tone, real company domain, not Gmail?), and Company Trust (verifiable web presence, reviews, team on LinkedIn?). Weight each dimension and compute a composite score 0-100. Define tier actions: Exceptional (80+) escalate to team immediately with Slack/Telegram alert, no auto-reply. High (60-79) notify team non-urgently. Medium (40-59) auto-reply with qualification questions. Low (20-39) politely decline with template. Spam (<20) ignore and log. When confidence is below 60%, send full breakdown to Telegram with reasoning and ask for human review. Store rubric as editable JSON so you can adjust weights based on feedback. Track score accuracy over time — log every human override and use it to retrain the rubric weekly.

Set up dual prompt stacks for multi-model resilience. Root markdown files are Claude-optimized: use natural language, explain the 'why' behind every rule, avoid ALL CAPS (Opus 4.6 overindexes on emphasis). Create a /codex-prompts subfolder with GPT/Codex-optimized versions of every file — structured format, ALL CAPS welcome, different formatting conventions. Download the official prompting guides for each model and reference them. Both stacks MUST contain identical operational facts — only the formatting and tone differ. Set up a nightly sync review cron: compare every file across stacks, flag any content drift (different facts, missing rules, contradicting instructions), and alert via Telegram if drift is detected. Build a one-command model swap: promote the backup folder to root, demote current root to subfolder, update all references. The longest your stacks should ever be out of sync is 24 hours.

Set up a strict file architecture with zero duplication. Each file has exactly one purpose and every piece of information lives in exactly one place. agents.md — operational rules, security protocols, safety constraints, task execution patterns, message formatting, cron standards, error reporting procedures. Define both 'what belongs here' and 'what does NOT belong here' for each file. soul — agent personality, philosophy, identity (name, creature type, emoji), keep to 5-10 lines max per OpenClaw best practices. user.md — everything about you: name, role, business context, communication preferences, timezone, team structure. tools — environment-specific values only: Telegram channel IDs, Slack workspace IDs, Asana project IDs, API endpoint URLs. Never put these in other files. heartbeat — periodic health check cron configuration. memory.md — private accumulated learnings, never shared with team or external. sub-agent policy — rules for spawning sub-agents, which model to use, context limits, permission boundaries. On-demand docs (loaded only when needed, NOT every call): PRD (full feature definitions), use cases, workspace files, security best practices, coding standards, skill files, reference material. Run an automated cron to detect duplication across files and prune by ~10% every other day.

Build a contact discovery pipeline that scans Gmail, Google Calendar, and Slack daily. For every new contact found: filter out spam, marketing emails, event invites, and automated notifications. Classify remaining contacts and store in a SQLite database with a vector column — support both traditional SQL queries AND semantic/natural language search using local embeddings (Nomic MBEG, zero cost). Run proactive company research daily: search for news articles, press releases, and social mentions about every CRM company. Enable natural language queries like 'Who haven't I talked to in 4 months?' or 'Show me all contacts at Series A companies.' Implement cross-pollination: when a new sponsor email arrives, automatically cross-reference against the knowledge base for related articles, previous conversations, and company intelligence. Generate auto follow-up drafts, relationship nudges, and weekly relationship summaries. Back up the CRM database encrypted to Google Drive nightly.

Build a meeting intelligence pipeline. Use Fathom notetaker to transcribe every meeting (internal + external). After each meeting ends, pull the transcript via Fathom API. Match all attendees to existing CRM contacts by email/name. Extract two categories: (1) strategic insights and key discussion points, (2) specific action items with assignee and deadline. Generate context embeddings using local Nomic model and store alongside the CRM record. For action items: send to Telegram for human approval before creating tasks. On approval, create Todoist tasks AND update HubSpot — automatically associate each action item to the correct deal and assign to the right team member based on meeting context. Track follow-through: if an action item isn't completed within the deadline, send a nudge.

Build a knowledge base ingestion pipeline. Accept input from Telegram (forward any article/video/tweet) and Slack (@Claude save command). For every ingested item: (1) pre-flight URL validation, (2) fetch full content, (3) sanitize — strip scripts, iframes, tracking pixels, (4) quarantine in isolated sandbox, (5) Frontier scan with best model to check for prompt injection or malicious content, (6) if safe, chunk into semantic segments, (7) embed locally with Nomic MBEG (zero cost), (8) store in SQLite with full-text search + vector search. Cross-post saved items to team Slack AI-trends channel with attribution. Run a daily proactive search cron: for every company in the CRM, search for new articles, news, and social mentions — auto-save relevant ones. Enable semantic querying: 'Find articles about AI agents in healthcare' returns ranked results with sources. For content pipeline: when someone tags @Claude with 'potential video idea', read the full thread context, query the knowledge base, search X/Twitter for viral discourse on the topic, then create a structured Asana card with outline, hook ideas, thumbnail concepts, and reference links.

Implement a 6-layer security architecture for your AI agent system. Layer 1 — Network Gateway: token-based authentication on all endpoints, never expose the agent directly to the internet, weekly verification via heartbeat cron. Layer 2 — Channel Access Control: define 3 tiers — DM (full access, confidential data OK), Group Chat (redacted, internal only), Email (strictest, no PII ever). Layer 3 — 3-stage Prompt Injection Defense: (a) deterministic sanitizer that strips known injection patterns like 'ignore previous instructions', (b) Frontier scanner — take the best model, sandbox the content, have it scan for adversarial intent, (c) elevated risk markers with cumulative scoring. Layer 4 — Secret Protection: outbound PII redaction on ALL message paths (Telegram, Slack, email), pre-commit git hook that blocks common API key patterns, locked file permissions. Layer 5 — Automated Reviews: nightly security council scans file permissions, gateway configs, secrets exposure, CRM data access patterns; offensive + defensive + data privacy + operational realism perspectives. Layer 6 — Data Encryption: encrypted SQLite databases, password-protected backups, data classification tiers (Confidential → Internal → Restricted → External) enforced per-conversation.

Set up smart cron scheduling to spread heavy jobs overnight and avoid competing with daytime quota. Schedule: 1:00 AM — Instagram analytics collection, 1:15 AM — X/Twitter analytics, 1:30 AM — YouTube analytics, 2:00 AM — CRM sync + proactive company research for all contacts, 2:30 AM — Knowledge base article discovery scan, 3:00 AM — Security council (file permissions, gateway configs, secrets audit), 3:20 AM — Platform council (code quality, cron health, test coverage, prompt quality, dependency check), 3:40 AM — Innovation scout (search web for new OpenClaw use cases, compare with current setup, suggest improvements). Use calendar-aware polling — only pull data when signals indicate change. Monitor the 5-hour token window and ensure heavy crons never overlap with peak daytime usage. Log all cron executions and alert via Telegram on any failures.

Build a comprehensive logging and self-healing system. Create a single event-log.js pattern shared across the entire app — every LLM call, external API request, cron execution, error, and user interaction gets logged. Store in two formats: JSONL file backup (rotated daily) + SQLite database with full-text search. Maintain 3 accumulating knowledge files: learnings.md (patterns discovered, optimizations found), errors.md (recurring issues and their fixes), feature-request.md (ideas from daily use). Set up 3 nightly councils: (1) Platform Council — reviews cron health, code quality, test coverage, prompt quality, dependency versions, storage usage, skill integrity, config consistency, CRM data integrity; (2) Security Council — offensive, defensive, data privacy, and operational realism perspectives; (3) Innovation Scout — searches the web for new OpenClaw use cases, compares with your current setup, suggests improvements with implementation plans. Morning routine: say 'Look at overnight logs and fix any issues' — the agent reads all error logs, cross-references with learnings.md, and auto-fixes known patterns.

Implement cost optimization for high-volume AI agent usage. (1) Local embeddings: use Nomic MBEG text model on-device — zero cost vs cloud embedding APIs. (2) Model tiering: Sonnet 4.6 for daily tasks (rubric scoring, email drafts, cron jobs), Opus 4.6 for complex reasoning (security analysis, architecture decisions, multi-step planning). Route via a centralized LLM-router.js. (3) Spread usage: schedule heavy jobs overnight across a 5-hour window, never compete with daytime interactive usage. (4) Prompt caching: built into Claude — saves 50%+ on repeated system prompts. Monitor cache hit rate via /status command. (5) Calendar-aware polling: don't pull data on a fixed schedule — look for signals that indicate change (new email, calendar event ending, Slack mention). (6) Notification batching: Critical = deliver immediately, High = batch hourly (CRM updates, council digests, cron failures), Medium = batch every 3 hours (routine updates). (7) Track everything: build an LLM usage dashboard that logs every call — model, input/output tokens, estimated cost, which feature triggered it. Query with 'Show me LLM usage for the last 24 hours' to identify optimization opportunities.

Build a backup and disaster recovery system. (1) Auto-discover all database files across the project. (2) Encrypt each database with AES-256 using a password stored in your secrets manager. (3) Upload encrypted backups to Google Drive via API — organize by date. (4) Rotate old backups: keep daily for 7 days, weekly for 4 weeks, monthly for 12 months. (5) Git sync: every hour, auto-commit any changed files, push to GitHub, send Telegram confirmation. (6) Document the full restoration process in a restore.md file: download from Google Drive → decrypt with stored password → read the manifest → restore database files → verify integrity → restart all services. (7) Password-protect all database backups — even if someone finds the file, they can't read it without the encryption key. (8) Test the restore process monthly: spin up a fresh environment, run the restore, verify all data is intact and all services come online.