My OpenClaw Setup as Fitness agent: A Complete Tour of Custom Configs

· Source: LLM on Medium · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Software Development & Engineering, Data Science & Analytics · Depth: Intermediate, medium

Summary

This article details a custom OpenClaw configuration (version 2026.2.9) designed for WhatsApp integration, fitness logging, and secure agent execution, all managed within a single `openclaw.json` file. The setup utilizes `gpt-4o` as the primary model, with `gpt-5.1-codex` also available, and configures a shared workspace and concurrency limits (4 top-level, 8 subagent tasks). It routes all `exec` tool commands to the gateway machine, ensuring scripts like `fitness_store.py` run where the database and hooks reside. The configuration includes hooks for `command-logger` and `fitness-log-on-receive`, which automatically classify and log fitness data from WhatsApp messages into a SQLite database. Access control for WhatsApp is strictly allowlist-based for both DMs and groups, with specific group settings to process all messages without requiring mentions. The gateway is secured with loopback binding, token authentication, and a hard deny list for sensitive commands like `camera.snap` or `calendar.add`.

Key takeaway

For AI Engineers building secure, multi-channel agents, carefully configuring your `openclaw.json` is critical. You should prioritize defining explicit model access, routing tool execution to a controlled gateway, and implementing strict allowlists for communication channels. Additionally, leverage hooks for automated data processing to offload routine tasks from the agent, and always enforce a `denyCommands` list on the gateway to prevent sensitive device actions, even if an agent is compromised.

Key insights

OpenClaw can be highly customized via `openclaw.json` for secure, multi-channel agent operations and data pipelines.

Principles

Method

Configure OpenClaw agents, tools, messages, hooks, channels, and gateway settings via `openclaw.json` to define model usage, execution hosts, message processing, access controls, and command restrictions.

In practice

Topics

Best for: AI Engineer, Machine Learning Engineer, MLOps Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by LLM on Medium.