5 Things to Do After Installing OpenClaw (Before You Break It)

Program With Erik| 00:09:36|May 11, 2026
Chapters7
The chapter introduces Open Claw and outlines five key steps to take after installation, demonstrating the speaker’s enthusiasm and the basic setup path.

Secure your Open Claw install from day one with tokenized gateway access, loopback binding, solid memory and model choices, plus practical workflow tips.

Summary

Program With Erik walks through a pragmatic starter guide for Open Claw after installation. He first shows the dashboard and notes you can switch between dark and light modes, then emphasizes checking configuration details for models, channel, and security. He highlights two security must-dos: set gateway auth mode to token and ensure gateway bind mode is loopback to avoid exposing Open Claw to the internet. Erik suggests running Open Claw on a dedicated machine (like a Mac mini or an AWS Lightsail instance) and walking through a security audit using the docs page and the command: Open Claw security audit --deep. He also recommends using the Open Claw releases page to verify your version and manually update with the update --tag command. Model strategy is explained with examples of GPT-5.5, GPT-5.4, Claude Opus 4.6/4.7, and Codex, plus tips to mix local models or cheaper options to manage token usage. Memory and personality get practical attention with soul.md, agents.md, and user.md to define boundaries, long-term memory, and onboarding prompts. Erik adds tips for backing up workspace to GitHub, compacting sessions with /compact, starting fresh with /new, and asking side questions with /BTW. He wraps by inviting viewers to share missing tips and linking additional resources.

Key Takeaways

  • Set gateway auth mode to token and never leave it as none to protect the dashboard from unauthorized access.
  • Configure gateway bind mode to loopback so Open Claw runs on localhost and avoid exposing it to the public internet.
  • Run the security audit regularly (Open Claw security audit --deep) and share findings to maintain a secure deployment.
  • Check the releases page (open claw is it stable) and update manually with update --tag to stay on safe versions.
  • Choose a model strategy that balances cost and capability (GPT-5.5/5.4, Claude Opus 4.6/4.7, Codex) and consider local backups for token efficiency.
  • Curate memory and personality with soul.md, agents.md, and user.md, and seed long-term memory for better context across sessions.
  • Back up your workspace to a private GitHub repo and use /compact, /new, and /BTW to manage context and workflow.

Who Is This For?

Essential viewing for developers setting up Open Claw who want solid security, sensible model budgeting, and practical workflow tips right after installation.

Notable Quotes

"Take a look at your gateway auth mode. So, I have this set up as token. So, you never want this as none."
First security tip about configuring gateway authentication.
"The second and maybe even more important thing is your gateway bind mode. It should be set up to loopback."
Emphasizes restricting access to localhost for safety.
"There is a security page here at docs.openai gateway security. So, read the information from the security page and then run the Open Claw security audit --deep."
Reference to the official security guidance and audit procedure.
"You can use /compact to reduce the context size, and /new to start a brand new chat with a fresh context."
Practical token-management commands to control context growth.
"Backing up everything to GitHub keeps your soul.md, agents.md, and sessions safe if you ever reinstall."
Advice on safeguarding workspace data.

Questions This Video Answers

  • How do I secure the Open Claw dashboard after installation?
  • What are best practices for Open Claw memory and long-term memory prompts?
  • Which models are recommended for Open Claw to balance cost and performance?
  • How do I update my Open Claw version safely and what does update --tag do?
  • What are the tips for backing up and organizing Open Claw workspace files?
Open ClawOpen Claw gateway securityOpen Claw update processGPT-5.5Claude OpusCodexmemory in AI agentssoul.mdagents.mduser.md
Full Transcript
Hey developers, I really like this new Open Claw. It's my own personal AI agent. I've been trying it out for a while now and I think it's pretty awesome. Let me show you five things that you need to do after you get it installed. So, here is my Open Claw dashboard. I have it in dark mode, but you can always switch it to light mode. Maybe that's the very first thing you do. But, one thing I like to do is I always check how it's configured. If I go into config, I get some information about my models, channel, security. If I go into infrastructure, I can look at my gateway settings. And I think this is the most important thing you need to do when you first install. Take a look at your gateway auth mode. So, I have this set up as token. So, you never want this as none. This will give you an extra level of protection when you are using the dashboard. That way, people have have this token to actually open it up. You may have seen that the first time you open up the dashboard, you have to have that token. It might already be pre-populated depending on how you opened it. The second and maybe even more important thing is your gateway bind mode. It should be set up to loopback. If that would be it running on localhost. It might be set up for LAN, so it's using the local IP address. But, you never want this to be on none or have it set so it's on the public internet. And that is very dangerous. There's thousands of unsecured Open Claw instances out there. So, you don't want that to happen. In fact, I'd recommend also to have this on its own dedicated machine, your own Mac mini, or an old laptop. Uh that way it's not on your personal computer. At AWS, we have Lightsail that you can create and use your own instance of Open Claw. So, I'd highly recommend to take a look at that. I'll put link on that in the description as well. I'd also take a look at the security. So, there is a security page here at docs.openai gateway security. So, I pasted this prompt here. So, read the information from the security page and then run the Open Claw security audit {dash} {dash} deep. And I recommend for you to run that twice a day and then also to send me any of the findings. And that way I can make sure that my open claw instance is secure. Another thing I like to do is I go to this open claw is it stable.com/openclaw and it gives you an idea of each one of the releases and how stable they are. And it gives you an idea of also how to tag it. So by default open claw doesn't automatically update. So you may want to check to see if your version is a safe version and then I would update occasionally manually and you can use this open claw update dash dash tag and then tag the version you're updating to. And just make sure you update one that's not broken like this one I do not upgrade. So next thing I would do is check the model that I am using. So in this case I'm using open AI GPT 5.5 and I don't have any fallback models. So this definitely will work. However, it is going to use a lot of tokens. A lot of people recommend to use either open AI's GPT 5.5 or 5.4 models or Anthropic's Claude Opus 4.6 or 4.7. But if you do both of those you're going to use a lot of tokens. A couple of ways you can get around that is if you're using Codex. Let's imagine you have a chat GPT subscription. You can get Codex working here and have it underneath your subscription. But you are going to have limits. You might have some issues so I would recommend for you to also put a fallback. There's also this nice screenshot I found here of having different models. Obviously the premium would be like Claude Opus, Claude Sonnet. You can also get a cheaper maybe Claude model if you wanted to have a fallback. There's also just using like when coders API which is a lot cheaper than the latest models. Another way you can do it is just to run local models and your mileage may vary. These are the ones as of now that the community is recommending. If you had 32 gigabytes of RAM you can run when coders 32B or GLM flash might be a back a cheaper backup. You can run MiniMax local or quant coder 32B as your backup. And then if you have just 128 gigs of RAM, you might be able to run these really really fast models. I'd also recommend maybe have a really good video card as well. Another real good thing you can do is you can always go to the overview and look at the cost. And this is actually really nice. I usually try to refresh this occasionally. I've seen I've used a dollar 52 of my GPT 5.5. This actually is really close to the open eye I dashboard when I checked. So you can keep an eye out of how many tokens you've used because once you run out of tokens, you're going to have to get more. And like I said, using maybe a local model will help. Another thing I like to do is to look at the files. If I go to agents and then files, I have agent souls, I have all these things. The first thing I like to do is to set my soul.md with boundaries. So if I go into my soul here, here it is kind of a generic one that it comes with. What I like to do is I like to refine this. Here are like three things you might want to fill out for your soul's MD. This is essentially the agent, the personality of the agent that you're using. So I'll say, you are this. Give the agent a name. In this case I gave the agent name Jamie. You're collaborator, not an assistant. Push back when I'm wrong. Now during onboarding it does ask you a few of these questions, but I would go in here and manually update this to exactly what you want. You can put defaults, only use a more powerful model when explicitly asked for deep analysis. For routine tasks use the cheapest capable model. This will save you tokens as well. And then obviously some boundaries, never delete files without explicit confirmation, never send messages on my behalf without showing me the draft first. And you can definitely edit and update this. So I would go in and curate what the soul is what what your agent is going to to be like before you get into that. One thing especially with memory that we're going to talk about is a lot of times it keeps forgetting. Especially if you use open claw for a long time, it forgets who you are. I like to put this prompt in as well. You're an aggressive note-taker. After every significant session, write key decisions, preferences, and facts into your daily log. This will help you make sure that it starts at creating these individual notes for each time you guys talk together, and it'll be added into your workspace and into the context for later on. Now, that's the soul. Let's talk about memory. So, I like to seed it. So, the first things I put in here is my my preferences, my communication styles, my standing rules, my key contacts. So, these are things that it's going to be in long-term memory. It's going to be added into the context every time you start a new chat. Uh it's going to be things that it remembers. And it should automatically be starting to add things in as you start talking back and forth. Now, agents.md is also a place I would go in. This is going to be what the agent is um from the agent style. So, these are more specific rules that you want the agent to follow. While memory is like your notes of what you've been doing and you want it to save for this long-term memory for you. Uh user.md is information uh specifically about you. So, you can put in like who I am, how I work, what I'm trying to do with Openclaw. I would go through these files soon as I did a a fresh install and update each one of these. So, here's a sample prompt that I've used in the past. So, I put in who I am, my name, my role, my location, how I work, what I try to do with Openclaw. This will all help the agent understand better of who you are, and so it can work better with you. You can enable this dreaming session, too. If you go down to dreaming, this is like a beta feature that will take all your session information and put it into this dreams.md information, and it creates stronger memories for you. Uh I haven't tried it out much, but you may want to turn it on and see how it does for you, too. Now, as you work with Openclaw, you may find out at some point you need to delete it or reinstall it, and it'll be a really shame that all that stuff in your workspace gets lost. An easy way to do this is to make sure that you're backing up all your information to GitHub. So, I even put this in there. Help me put my Open Claw workspace files into a private GitHub repo and commit changes automatically after each session. And that way, you're always going to have your everything in the workspace. Those are going to be your sessions. That's going to be your that your souls MD, your agents MD, all that information. It's all going to be saved in one place. Also, while you're working in here, here's a couple of small tips while you're working and you're chatting back and forth. As you build up your session and you're chatting back and forth, and by the way, I'm using the web UI, but maybe you're using Telegram or something else, it's going to keep adding and adding more information to the context. It's going to use a lot of tokens. And it will automatically compact you compact your information at it after a certain point of time. But, I would think about automatically compacting it for yourself. So, you can run {slash} compact and then compact the session, and that will reduce the amount of tokens that it's using because it's trying to send all that information over to the large language model after every time you enter something in, and this will help. I Another thing you can do, and and this is highly recommended, is do {slash} new. This will open up a brand new chat session with you with a brand new fresh context. So, I highly recommend you do {slash} new every time you trying to talk to about something new with the agent. Don't have just one huge thread. So, you can kind of organize your thoughts. Another really quick tip is do {slash} BTW. This is by the way. And this BTW is a great for asking a side question without changing the future session context. So, if you have a quick question you don't want to open up and do {slash} new, then you can always do the {slash} BTW and just add something quickly into the session. So, those are five things more than five things that you can do when you first start off with Open Claw. Let me know if I missed anything in the in the comments below. And also, I'll put some links to some other videos I found very useful that I I got I got some information from. Thanks.

More from Program With Erik

Related Videos

Computer use in Codex thumbnail

Computer use in Codex

 OpenAI
00:11:25
Architecting the Perfect Workflow: Integrating Multiple AI Providers for Devs thumbnail

Architecting the Perfect Workflow: Integrating Multiple AI Providers for Devs

 Tony Xhepa
00:19:25
Claude Just Solved Session Limits thumbnail

Claude Just Solved Session Limits

 Nate Herk | AI Automation
00:10:22
Master 97% of Codex in 1 Hour (full course) thumbnail

Master 97% of Codex in 1 Hour (full course)

 Nate Herk | AI Automation
01:00:59
It’s Broken… The Claude Code Vs Codex Debate Is Finally Over thumbnail

It’s Broken… The Claude Code Vs Codex Debate Is Finally Over

 AI LABS
00:15:52
Open Source Friday - Welcome to Maintainer Month 2026 thumbnail

Open Source Friday - Welcome to Maintainer Month 2026

 GitHub
01:31:49

Get daily recaps from
Program With Erik

AI-powered summaries delivered to your inbox. Save hours every week while staying fully informed.

Get Started