Connect OpenClaw to WhatsApp in 15 Minutes

Control your computer remotely through WhatsApp messages using OpenClaw AI agent. Perfect for running scripts and automation tasks from your phone.
·
5 min read
·
Mark
·
Automation

Problem: You Need Computer Control Without Being At Your Desk

You want to run scripts, check files, or automate tasks on your computer while you're away, but SSH feels like overkill and TeamViewer requires too much setup.

You'll learn:

  • How to install and configure OpenClaw
  • Connect OpenClaw to WhatsApp messaging
  • Send computer commands via chat safely

Time: 15 min | Level: Intermediate

Why OpenClaw + WhatsApp Works

OpenClaw is an open-source AI agent that executes computer tasks through natural language. WhatsApp provides a familiar, secure messaging interface that works on any device.

Common use cases:

  • "Check if my build finished" while commuting
  • "Run the backup script" from your phone
  • "Show me the logs from server.log" without SSH

What you need:

  • Python 3.10+
  • WhatsApp Business API access (or Twilio for testing)
  • Computer that stays running (or cloud VM)

Solution

Step 1: Install OpenClaw

# Clone the repository
git clone https://github.com/openclaw/openclaw.git
cd openclaw

# Install dependencies
pip install -e . --break-system-packages

Expected: Installation completes without errors. You'll see "Successfully installed openclaw" in the output.

If it fails:

  • Error: "Python version mismatch": Run python3 --version - must be 3.10 or higher
  • Error: "Permission denied": Use sudo or create a virtual environment

Step 2: Configure OpenClaw API Key

# Create config file
cp .env.example .env

# Add your Anthropic API key
echo "ANTHROPIC_API_KEY=your_key_here" >> .env

Why this matters: OpenClaw uses Claude to interpret your natural language commands and execute them safely.

Get your API key at: https://console.anthropic.com/

Step 3: Set Up WhatsApp Connector

OpenClaw doesn't have native WhatsApp integration, so we'll use Twilio's WhatsApp API:

# Install Twilio SDK
pip install twilio flask --break-system-packages

Create whatsapp_bridge.py:

from flask import Flask, request
from twilio.twiml.messaging_response import MessagingResponse
import subprocess
import os

app = Flask(__name__)

# Whitelist allowed phone numbers (security!)
ALLOWED_NUMBERS = ['+1234567890']  # Replace with your number

@app.route('/whatsapp', methods=['POST'])
def whatsapp_webhook():
    """Receive WhatsApp messages and execute OpenClaw commands"""
    incoming_msg = request.values.get('Body', '').strip()
    from_number = request.values.get('From', '')
    
    resp = MessagingResponse()
    msg = resp.message()
    
    # Security check - only respond to whitelisted numbers
    if from_number not in ALLOWED_NUMBERS:
        msg.body("Unauthorized number")
        return str(resp)
    
    try:
        # Execute command through OpenClaw
        result = subprocess.run(
            ['openclaw', 'run', '--prompt', incoming_msg],
            capture_output=True,
            text=True,
            timeout=30  # 30 second timeout for safety
        )
        
        # Send result back to WhatsApp
        output = result.stdout if result.returncode == 0 else result.stderr
        msg.body(output[:1600])  # WhatsApp has 1600 char limit
        
    except subprocess.TimeoutExpired:
        msg.body("Command timed out after 30 seconds")
    except Exception as e:
        msg.body(f"Error: {str(e)}")
    
    return str(resp)

if __name__ == '__main__':
    app.run(port=5000, debug=False)

Security note: The ALLOWED_NUMBERS list prevents unauthorized access. Never skip this check.

Step 4: Configure Twilio WhatsApp Sandbox

  1. Go to https://console.twilio.com/
  2. Navigate to MessagingTry it outSend a WhatsApp message
  3. Follow instructions to join the sandbox (text a code to Twilio's WhatsApp number)
  4. Set webhook URL to https://your-server.com/whatsapp (use ngrok for testing)
# For local testing, use ngrok to expose your Flask app
ngrok http 5000

Copy the ngrok HTTPS URL and paste it in Twilio's webhook settings: https://abc123.ngrok.io/whatsapp

Step 5: Start the Bridge Server

# Run the Flask app
python whatsapp_bridge.py

Expected: You'll see:

* Running on http://127.0.0.1:5000
* Do not use the development server in production

If it fails:

  • Error: "Port 5000 already in use": Change to app.run(port=5001)
  • Error: "Module not found": Re-run pip install twilio flask

Step 6: Test Your Setup

Send a WhatsApp message to your Twilio number:

What files are in my home directory?

OpenClaw should respond with a list of files.

Try these commands:

  • "Show me the last 10 lines of server.log"
  • "Check if Python is installed"
  • "Create a file called test.txt with 'Hello from WhatsApp'"

Verification

Test the security:

  1. Message from your whitelisted number: ✅ Should work
  2. Message from different number: ❌ Should return "Unauthorized"
  3. Try a dangerous command: "Delete all files" - OpenClaw should refuse

You should see: OpenClaw executes safe commands and blocks potentially harmful ones.

Production Deployment

For real-world use (not ngrok):

# Use a proper WSGI server
pip install gunicorn --break-system-packages

# Run with gunicorn
gunicorn -w 4 -b 0.0.0.0:5000 whatsapp_bridge:app

Set up systemd service (optional, for auto-restart):

# /etc/systemd/system/openclaw-whatsapp.service
[Unit]
Description=OpenClaw WhatsApp Bridge
After=network.target

[Service]
User=youruser
WorkingDirectory=/path/to/openclaw
ExecStart=/usr/local/bin/gunicorn -w 4 -b 0.0.0.0:5000 whatsapp_bridge:app
Restart=always

[Install]
WantedBy=multi-user.target

sudo systemctl enable openclaw-whatsapp
sudo systemctl start openclaw-whatsapp

What You Learned

  • OpenClaw executes computer tasks via natural language
  • WhatsApp provides a secure, familiar control interface
  • Security whitelisting is critical for remote access
  • Twilio bridges WhatsApp to your backend

Limitations to know:

  • OpenClaw runs with your user permissions (be careful!)
  • WhatsApp messages have 1600 character limit
  • Commands timeout after 30 seconds (configurable)
  • Twilio sandbox is free but has limits (upgrade for production)

When NOT to use this:

  • For time-sensitive operations (use webhooks instead)
  • On shared/multi-user systems (security risk)
  • For commands requiring interactive input

Additional Security Hardening

# Add command filtering in whatsapp_bridge.py
BLOCKED_KEYWORDS = ['rm -rf', 'sudo', 'chmod 777', 'dd if=']

def is_safe_command(prompt):
    """Block obviously dangerous commands"""
    prompt_lower = prompt.lower()
    return not any(keyword in prompt_lower for keyword in BLOCKED_KEYWORDS)

# Use before executing:
if not is_safe_command(incoming_msg):
    msg.body("Command blocked for security reasons")
    return str(resp)

Tested on OpenClaw 0.1.x, Python 3.11, Twilio API 2024, Ubuntu 24.04

Disclaimer: This setup gives remote access to your computer. Always use strong authentication, keep software updated, and monitor logs for suspicious activity.