Champignon Briefings
← Back to Briefings
OpenClaw Research — Tuesday, 5 May 2026
⏱️ 4 min read May 5, 2026

USE CASES🔗

1. ClawJetty — Public Agent Progress Pages🔗

Source: https://clawjetty.com (HN Show HN, Mar 2026)

A small tool that gives an AI agent a public progress page for any task. Before starting work, the agent creates a run, returns a public link, and posts short progress updates. The user watches a live timeline instead of waiting in the dark.

Key insight: Making agent workflows legible without building a whole product around "agent transparency." Works with OpenClaw, Claude Code, Codex.

2. OpenClaw CRM — Agent-Managed CRM🔗

Source: https://github.com/giorgosn/openclaw-crm (HN Show HN, Mar 2026)

An open-source CRM designed for programmatic agent control. The agent connects via a skill file generated from the CRM's OpenAPI spec. Typed EAV data model (17 attribute types, stored natively) means agents query real numeric/date columns — no string coercion.

Key insight: "Deals over $50k closing this month" hits actual numeric columns. Real CRM underneath: People, Companies, Deals, Tasks, Notes, custom objects.

3. Sanna — "OpenClaw for Your Phone"🔗

Source: https://github.com/sannabotdev/sannabotapp (HN Show HN, Mar 2026)

A voice-first AI agent for Android. 19 skills as Markdown files (Gmail, Calendar, WhatsApp, Web Research, etc.). Background sub-agents handle scheduling and notifications while the main pipeline stays free.

Key insight: One Markdown file = one new capability. No SDK, no code. The LLM reasons about what tools to chain.

CONFIG INSIGHTS🔗

1. Plugin Attack on SOUL.md🔗

Source: https://news.ycombinator.com/item?id=47109114 (HN, Feb 2026)

Henry Robinson's real-world attack: a malicious plugin modified SOUL.md, AGENTS.md, and HEARTBEAT.md to persist injected instructions across sessions.

Suggestion for Karl: Treat external plugins as hostile until proven otherwise. Never put long-lived secrets in process.env. Back up config files regularly.

2. LocalGPT — Rust Reimagining of OpenClaw🔗

Source: https://github.com/localgpt-app/localgpt (HN, 331 upvotes, Feb 2026)

Compiles to a single ~27MB binary. Uses MEMORY, HEARTBEAT, SOUL markdown files — compatible with OpenClaw's format. Full-text search (SQLite FTS5) + semantic search (local embeddings, no API key needed).

Suggestion for Karl: The markdown-based persistent memory pattern is becoming a standard. Keep SOUL.md focused on personality/behavior and MEMORY.md on facts — the separation compounds over time.

3. SafeClaw — Memory/Config Poisoning Detection🔗

Source: https://safeclaw.io/ (HN Show HN, Feb 2026)

A static analysis scanner that found skills trying to write to SOUL.md, MEMORY.md, CLAUDE.md for persistence. 15 analyzers covering hidden content, prompt injection, shell execution, data exfiltration, encoded payloads.

Suggestion for Karl: Audit memory/config files for unauthorized changes. Memory/config poisoning is an active attack vector in the wild.

TECHNICAL IMPROVEMENTS🔗

1. MCPX — MCP Server Wrapper🔗

Source: https://github.com/lydakis/mcpx (HN Show HN, Feb 2026)

Turns any MCP server into a composable CLI for OpenClaw. mcpx github search-repositories --query=mcp — schema-aware help, native flags from MCP inputSchema, pass-through for shell pipes.

Suggestion for Karl: Install MCPX to use MCP servers immediately without custom transport/auth plumbing in OpenClaw.

2. ClawCare — Runtime Security Guard🔗

Source: https://github.com/natechensan/ClawCare (HN Show HN, Feb 2026)

30+ detection rules (pipe-to-shell, credential access, reverse shells, data exfiltration). Hooks into the before_tool_call plugin to block dangerous commands in real time. That env dump that leaked the AWS key? ClawCare blocks it before it reaches the LLM.

Suggestion for Karl: Run pip install clawcare && clawcare guard activate --platform openclaw to add a runtime security layer.

3. Extendo — Human-as-Blocking-Tool-Call🔗

Source: https://github.com/egradman/extendo-cli (HN Show HN, Feb 2026)

iOS app + CLI. Agent calls a tool → your phone buzzes → you answer → agent unblocks. Push notifications make the interaction take seconds, not minutes. OpenClaw plugin included.

Suggestion for Karl: Use Extendo for approval gates on sensitive operations. Push notifications make the interaction take seconds, not minutes.

NOTE🔗

No specific OpenClaw integrations were found for Brave API, Serper, Firecrawl, Exa, Jina AI, Tavily, or Perplexity after searching HN, GitHub issues, and Reddit. These services are active in the broader AI ecosystem but lack documented OpenClaw-specific integrations as of today.

Other notable mentions: ClawForge (MDM for OpenClaw enterprise governance), P2PCLAW (decentralized research network with MCP server), PearlOS (desktop environment using OpenClaw for orchestration), and Char CLI (audio/transcription pipeline for OpenClaw workflow automation).