Most people install OpenClaw and stare at a blank SOUL.md. I turn it into a personal AI agent that knows your workflow, manages your tools, and works while you sleep.
Whether you're shipping code, running a business, managing retirement, or operating infrastructure. Same platform, tailored to your world.
10x your output without 10x the burnout. Your AI handles the boilerplate, tracks your PRs, reviews your code, and remembers every architecture decision you made three months ago.
You're wearing six hats already. Let your AI handle email triage, calendar management, content drafts, and customer follow-ups. Talk to it on Telegram from your phone between meetings.
You have resources and you value your time. A personal AI agent that manages your digital life: tracks news that matters to you, monitors your accounts, organizes your documents, and keeps you informed without the noise.
Consolidate your SOC, NOC, or IT operations into a living source of truth. Your AI monitors services, triages alerts, tracks incidents, and maintains runbooks that actually stay current.
Every setup is built around YOUR workflow. Not a template. Not a default config. A system designed to make you faster.
Persistent context across sessions. Your AI remembers decisions, preferences, and project history. No more repeating yourself.
Email digests, calendar reminders, backup monitoring, content scheduling. All running in the background, reporting when it matters.
Telegram, Discord, Signal, Slack, iMessage. Talk to your AI wherever you already are. Same brain, every surface.
Web search, calendar, email, GitHub, image gen, code execution. Each skill installed and configured for your stack.
A private PWA to monitor everything: tasks, services, memory, usage, search. Accessible from your phone over VPN.
Orchestrate local Ollama models with cloud APIs. Use the cheapest model for every task. Token-efficient by design.
You're giving an AI agent access to your email, calendar, files, and messaging. That's powerful. It's also a liability if configured wrong. Every setup I build is locked down by someone who does this for a living.
Explicit allowlists for every tool. Your AI can read your inbox but can't send emails without approval. Granular control over what actions require confirmation.
Firewall rules, SSH lockdown, VPN-only access to dashboards. No exposed ports, no public endpoints for your private data.
API keys and tokens stored properly. No plaintext credentials in config files. OAuth where possible, scoped permissions everywhere else.
Every external action your AI takes is logged. Email sends, API calls, file modifications. Full visibility into what your agent is doing.
Private memory stays private. Group chat context is isolated. Your AI knows not to share personal data in shared spaces.
Encrypted backups of your configuration, memory, and automations. If something breaks, we restore. Not rebuild from scratch.
Every setup includes the baseline. Add hardening layers based on how sensitive your data is and how much autonomy you want your AI to have.
The baseline for every setup. Sensible defaults that keep you safe without getting in the way.
For sensitive environments. Zero-trust network access and tighter autonomy controls.
Maximum lockdown for operations teams handling sensitive data. Full audit capability and compliance-ready.
During setup, we dial this in together. More autonomy means more gets done while you're away, but every step up needs tighter guardrails.
Reads and summarizes. Never acts without explicit approval. Best for getting started.
Monitors and suggests. Drafts emails, posts, and actions. You approve before anything goes out.
Handles routine tasks autonomously. Escalates anything unusual. The sweet spot for most users.
Full delegation. Sends emails, posts content, manages services. Requires Fortress-level security.
You don't hand someone the keys on day one. We ramp up access incrementally, proving the system at every level before moving to the next. Here's how that works.
Manual interaction via Telegram or Discord. You watch every action in the logs. All file operations sandboxed to the workspace. This is where every client begins.
Let it run small tasks without watching logs in real-time. Review outputs after completion. Still isolated to the workspace directory. You're building confidence in its judgment.
Give read access to your actual project directories. Still write-restricted to the workspace. Test with: "Analyze my project at ~/projects/myapp and suggest improvements."
Allow writes to specific project folders. Git as your safety net: always commit before letting it work, so every change is reversible. Test with: "Refactor this function in my actual repo."
Cron jobs and event triggers fire tasks automatically. Morning briefings, automated PR reviews, email triage, backup monitoring. Your AI works while you don't.
MCP servers for GitHub, Slack, email, calendar. Your AI opens PRs, sends messages, responds to issues, manages your calendar. Full delegation with full audit trail.
โ THE REALITY CHECK
An unconfigured AI agent with access to your accounts is an open door. Default configs ship permissive. Most tutorials skip security entirely. I've seen setups where the AI could send emails, post to social media, and access banking portals with zero guardrails. Don't be that person's cautionary tale.
OpenClaw is the platform. You bring the AI model subscription. I help you pick the right one for your use case and budget, then optimize every token.
Access to Claude Sonnet 4.5 and Haiku. Great for everyday tasks: email, scheduling, content, research. Solid performance at a reasonable price point.
Full access to Opus 4.6, the most capable model available. Best-in-class reasoning, personality, and prompt injection resistance. Essential for autonomous setups.
Access to GPT 5.3 Codex via the Codex CLI. Exceptional at structured code generation, reviews, refactors, and test writing. The coding workhorse.
Run open-source models on your own hardware. Handles embeddings, code search, commit messages, and triage. Zero cloud cost for mechanical tasks. Requires a decent GPU.
Not everyone needs a $200/mo subscription. These options work with OpenClaw and can dramatically lower your monthly AI costs. Fair warning: cheaper models mean less reliable judgment, weaker personality, and more supervision needed. You get what you pay for.
Open-source, top-tier coding performance, free API access through NVIDIA. Solid for code-heavy workflows. Weaker on personality, nuance, and long-context orchestration compared to Opus.
โ Not recommended for autonomous mode
New frontier model from China. Strong agentic benchmarks, lowest hallucination rates in class, roughly 5-8x cheaper than Opus on API pricing. Worth watching.
โ Newer model, less battle-tested
I'll walk you through the tradeoffs in the discovery call. Sometimes cheaper is smart. Sometimes it costs you more in wasted time and bad outputs.
I'll help you pick during the discovery call. Here's what most people land on.
Perfect entry point. Sonnet handles daily tasks, Ollama handles embeddings and triage. Great bang for buck.
Opus for orchestration and creative work, Ollama for mechanical tasks. The sweet spot for most power users.
Opus orchestrates, Codex codes, Ollama triages. For developers who want the absolute best of every model.
During the discovery call, we'll map out exactly which models you need and why. Not everyone needs Opus. Not everyone needs Codex. I'll build you a model plan based on your actual workflows, not what's trending on Twitter.
Initial model plan with setup. Recommended subscription, model routing, and token optimization configured.
Ongoing model reports. When new models drop, I'll tell you what changed, what matters for your setup, and what's just hype. No more FOMO upgrades.
โ A NOTE ON TOKEN USAGE
More automation means more token consumption. Heavy heartbeats (checking email, calendar, and services every 30 minutes), aggressive cron jobs, and autonomous workflows can burn through your subscription limits fast. Part of my job is optimizing this. I use model cascading (cheap models first, expensive models only when needed), smart heartbeat scheduling, and token-conscious prompt design to keep costs predictable. During setup, we'll dial in the right balance of automation vs. spend for your budget.
๐ก FEBRUARY 15, 2026
Peter Steinberger joined OpenAI. OpenClaw is moving to a foundation.
The platform just got serious backing. New features, integrations, and capabilities are going to accelerate. The gap between a default install and an optimized production setup is about to get wider, not narrower.
I'm spending the hours to stay current so you don't have to. When new features drop, I test, benchmark, and roll them into client configs. When models improve, I update your orchestration. Maintenance clients get continuous upgrades. Everyone else gets a solid foundation they can build on.
๐ก PROMPT INJECTION IS ALREADY HAPPENING
People are embedding prompt injections in their public LinkedIn bios right now. Fake admin instructions designed to hijack any AI agent that reads their profile. If your agent scrapes the web, reads email, or processes documents from untrusted sources, it will encounter adversarial input. This isn't theoretical. It's already in the wild.
The question isn't whether your agent will see a prompt injection. It's whether your model is smart enough to ignore it. This is why model choice is a security decision, not a budget decision.
โ MODEL RECOMMENDATION: OPUS 4.6
Claude Opus 4.6 is the recommended model for any agent with autonomous capabilities. It has the strongest prompt injection resistance, the best reasoning about when NOT to act, and the most consistent personality over long sessions. This is not a preference. It's a security consideration.
If your agent reads email, processes documents, or operates in group chats, it's exposed to adversarial input. A crafted email or message can attempt to hijack a weaker model's context and trigger unintended actions. Opus is significantly more resistant to these attacks than Sonnet, Haiku, GPT, or open-source alternatives.
Other models will function, and I use them in my own stack for specific tasks (Codex for code gen, Haiku for bulk ops, Ollama for embeddings). But the orchestration layer, the model that decides what to do and when, should be Opus. Using a cheaper model for autonomous decision-making is a risk you should understand before you accept it.
You provide the hardware and AI subscription. I provide the expertise.
Every setup includes personalized configuration and a walkthrough.
Runs on whatever you already have. Mac, Windows with WSL, or straight Linux. You don't need to buy a Mac Mini for this unless you want one.
Get OpenClaw running with a single channel and starter automations. Perfect for getting your feet wet.
Multi-channel, memory, integrations, and a workflow built for how you work. Most clients pick this one.
The full build. Dashboard, multi-model orchestration, sub-agent pipelines, and Fortress-level security.
Keep your setup sharp. Updates, tuning, and priority support so things keep running while you focus on your work.
Add to any tierNot sure what hardware to run this on? I'll spec out exactly what you need based on your workload, budget, and whether you want local AI models. Works on Mac, Windows (WSL), or native Linux. An old laptop, a mini PC, a rack server, whatever fits your setup. If you want local AI models, I'll help you pick the right GPU.
Get a RecommendationReal examples from production setups. Not theoretical. Running right now.
Checks your inbox at 8am, summarizes what matters, flags anything urgent. You wake up to a brief instead of 47 unread threads.
Drafts posts for LinkedIn, Bluesky, and Mastodon. Queues them for review. You approve, it publishes. Your voice, automated.
Indexes your entire codebase with embeddings. Search by concept, not just text. "Find where we handle auth errors" just works.
Orchestrate sub-agents with different models: Opus for architecture, Codex for implementation, Haiku for bulk ops. Right model, right job.
A private PWA accessible from your phone. Monitor tasks, services, memory, and usage. Your entire operation in your pocket.
Your AI monitors services, triages alerts, tracks incidents, and keeps runbooks current. A single-person ops team that never sleeps.
Four steps. Usually done within a week.
30-60 min. We map your workflow, pick your AI subscription, choose your security level, and set autonomy boundaries.
I set up OpenClaw, harden your system, configure integrations, and tune token usage. Usually 1-3 days.
Live session where I show you everything. How it works, how to modify it, how to add new skills, where the guardrails are.
30-60 days of email support depending on your tier. Questions, tweaks, and optimization included.
Two ways to get up and running. Most clients go remote. If you want the white-glove treatment, I'll come to you.
I connect to your machine via secure screen share (Zoom, Google Meet, or your preference). You watch the entire process. I walk you through everything live. Works anywhere in the world.
I come to you, set up the hardware, configure the network, and make sure everything is perfect in your environment. Hands-on the keyboard. White-glove service.
I do not set up OpenClaw on cloud servers, VPS instances, or shared hosting. Your AI agent has access to your personal data, credentials, and accounts. That belongs on hardware you physically control, on your own network, behind your own firewall. This is a security decision, not a cost one. If you don't have suitable hardware, I'll help you spec and purchase it.
Services that spin up a hosted AI agent for you sound convenient. But think about what you're getting: your personal data, credentials, and conversations living on a shared VPS you don't control, alongside every other customer's instance. The same infrastructure that botnets and zombie networks rent by the hour. You don't know what data center your instance is in. You don't know who has root access to the host machine. You don't know who else is reading your logs, your memory files, or your API keys. You're trusting a stranger's server with everything your AI agent can see and do.
Even if the host is well-intentioned, you get an empty /workspace with boilerplate configuration files and generic personality templates. No optimization. No model tuning. No workflow design. No security hardening beyond whatever the defaults happen to be. There is no isolation between your instance and the platform operator's access.
What you're actually buying from me isn't the installation. It's the knowledge of how to optimize model selection, design cron workflows that don't burn tokens, build memory systems that actually retrieve useful context, harden security so your AI can't be weaponized, and architect sub-agent pipelines that ship real output. That expertise doesn't come in a Docker image.
If you purchased hardware through me, I'll configure everything before it leaves my hands. OpenClaw installed, hardened, tested, and ready to plug in. You unbox it, connect to your network, and we do the final walkthrough remotely. Shipping costs are yours (insured, tracked).
I configure your OpenClaw instance, harden your security, and optimize your setup. Once delivered, it's yours. You own the configuration, the memory, the automations, everything. I don't retain access to your system after the engagement unless you opt into monthly maintenance.
My setup fee covers my time and expertise. Your AI model subscriptions (Anthropic, OpenAI, etc.) are separate ongoing costs that you pay directly to the provider. I help you pick the right plan and optimize token usage, but I am not responsible for your monthly AI spend. Heavy automation (frequent heartbeats, aggressive cron jobs, autonomous workflows) will consume more tokens.
I harden your system according to the security tier you choose. After delivery, maintaining that security posture (updating packages, rotating keys, not disabling guardrails) is your responsibility. Monthly maintenance clients get ongoing security updates. Everyone else gets the setup and the knowledge to maintain it.
AI models can make mistakes. They can misinterpret instructions, hallucinate information, or take unintended actions. I configure guardrails, approval gates, and safety boundaries to minimize this, but no configuration is bulletproof. I am not liable for actions your AI takes after delivery. This is why we discuss autonomy levels during setup and why I recommend starting conservative.
Your AI runs on third-party subscriptions (Anthropic, OpenAI, Google, etc.) that I do not control. If a provider changes their terms, raises prices, imposes new rate limits, or terminates your account for any reason, that is between you and the provider. I will help you migrate to alternative models if needed, but I cannot guarantee the continued availability of any third-party service. This is also why I set up local Ollama models as a fallback when possible.
If I purchase hardware on your behalf, the full hardware cost is paid up front before I order anything. My build fee covers sourcing, configuration, and shipping coordination. Hardware warranties are between you and the manufacturer. I'll help you file claims if needed, but I'm not the warranty provider.
Custom software development requires a signed statement of work (SOW) and 50% payment before development begins. The SOW defines scope, deliverables, timeline, and acceptance criteria. Scope changes after kickoff are billed at an hourly rate defined in the SOW. I retain no ownership of your custom code after final delivery and payment.
All clients sign a service agreement before work begins. This covers scope, liability boundaries, and delivery terms. No surprises for either of us.
Reach out and let's figure out what your AI should be doing for you.