I Built a Safer OpenClaw Alternative Using Claude Code

Channel Cole Medin

Date February 12, 2026

Duration 15:13

OpenClaw Claude Code Second Brain AI Agents

TL;DR

OpenClaw is the fastest-growing open-source AI assistant (185K GitHub stars) but has serious security vulnerabilities. Cole Medin demonstrates how he replicated the four core components that make OpenClaw "magical"—memory system, heartbeat, channel adapters, and skills—using Claude Code in just two days, creating a simpler, more secure, and customizable personal AI assistant.

Key Takeaways

OpenClaw Security Issues: Critical vulnerabilities including one-click RCE exploits, malicious skills on ClawHub, and plain-text credential storage
Four Core Components: Memory system, heartbeat (proactive tasks), channel adapters, and skills registry make OpenClaw feel "magical"
Build Your Own: Using Claude Code with OpenClaw's codebase as a reference allows you to build a customized version in days
Elegant Memory System: Markdown-driven with soul.md, user.md, memory.md, agents.md, and session logs—super simple but powerful
Cost-Effective: Uses Claude subscription instead of expensive API credits, avoiding TOS issues that affect OpenClaw users
Future-Proof: Can pull new OpenClaw features and adapt them yourself as the project evolves

Summary

The OpenClaw Phenomenon

OpenClaw has exploded to 185,000 GitHub stars, surpassing even N8N. It's the first personal AI assistant that truly "gets you," building up memory of your preferences and context over time. However, it comes with significant security concerns that make building your own alternative attractive.

Security Vulnerabilities

Architecture Issues: CVE-2026-25253 enables one-click remote code execution via WebSocket origin bypass (CVSS 8.8). Clicking a malicious link sends an OAuth token to attackers, giving them access to all credentials stored in plain text. The ClawHub registry has hundreds of malicious skills discovered (76 confirmed malware payloads). A researcher hijacked an OpenClaw instance in under 2 hours.

Fundamental Design Problems: OpenClaw is a massive codebase that users don't understand but trust to run. It gives agents far more power than most users are ready to handle. As Cisco puts it: "An absolute security nightmare."

The Four Core Components

Cole identified the four components that make OpenClaw feel "magical":

Memory System - Markdown-driven with files like soul.md (agent identity), user.md, memory.md (core memories), agents.md (global rules), and session logs. SQLite database with lightweight RAG for search.
Heartbeat - A heartbeat.md file tells the agent what to do when running autonomously on a schedule. The agent proactively drafts emails, creates PRs, and performs tasks without being asked.
Channel Adapters - Talk to your assistant from WhatsApp, Telegram, Slack, Discord, etc. Supports threaded conversations across platforms.
Skills Registry - Single-file additions that extend capabilities.

Building Your Own Version

The process is straightforward: clone the OpenClaw repo locally (MIT licensed), point your coding agent (Claude Code) at it, ask it to explain how each component works, then have it build that component adapted to your tech stack. Repeat for each feature you want.

Cole's Tech Stack: Obsidian for storage and syncing, Markdown for the memory system, SQLite (local) / PostgreSQL (remote) for database, Claude Agent SDK for proactive agent functionality, Claude Code as primary driver, and Slack as primary channel adapter.

Advantages of Building Your Own

Security: No malicious skills, you control everything
Customization: Tailored exactly to your needs
Understanding: You know exactly what your agent can do
Cost-effective: Uses Claude subscription instead of expensive API credits

Notable Quotes

"It feels like the first agent that truly gets you."

"Most people are not ready for their agent to wield all the power that OpenClaw gives it."

"Coding agents work really well when you give them good examples. So, if we're working on top of something that is simple and elegant and just works really well, that is the ultimate brain food for the context for the coding agent."

"It oneshotted this whole thing for me and even adapted it to my codebase."

Chapters

Time	Topic
0:00	OpenClaw - The Magical AI Assistant
2:10	The Major Security Risks
5:16	4 Core Components of OpenClaw
8:21	Replicating the Memory System
10:31	The Heartbeat & Proactive Tasks
11:22	Channel Adapters & Interfaces
12:17	Building Secure Custom Skills
13:38	Step-by-Step Build Process

References

Resources from Video

Dynamous Agentic Coding Course: dynamous.ai/agentic-coding-course
Second Brain Skills Collection: github.com/coleam00/second-brain-skills
OpenClaw Repository: github.com/openclaw/openclaw

Tools & Technologies

Claude Code - Anthropic's CLI for Claude
Claude Agent SDK - SDK for running Claude from Python scripts
Obsidian - Note-taking app for markdown
SQLite / PostgreSQL - Database options
Slack - Primary channel adapter