How do I migrate from OpenClaw to OpenLobster? A step-by-step guide

Mar 16, 2026

Cowrie

Dev @ Bswen

The Problem: OpenClaw’s Architectural Issues

I’ve been running OpenClaw for a while as my self-hosted AI agent. It worked, but I kept running into problems that made me look for alternatives.

Here’s what drove me to migrate:

Memory corruption under concurrent sessions. The documentation literally recommended “only the main session writes to MEMORY.md” as if that was a feature, not a bug.

Security concerns. A batch of CVEs filled an entire page on RedPacket. The ClawHub marketplace had 26% of skills with at least one vulnerability. Authentication was disabled by default, leading to 40,000+ exposed instances on Censys.

No real scheduler. The “scheduler” was a heartbeat daemon reading HEARTBEAT.md every 30 minutes—not a proper task scheduler.

No multi-user support. I couldn’t have separate users with separate histories.

Heavy resource usage. The Node.js/TypeScript stack meant ~2-3 second startup and 150MB+ RAM.

I found OpenLobster, an opinionated fork that addresses these issues. But when I asked about migration:

“took a look at the code and you won’t have compatibility to transfer agents or memory in a quick way”

That sounded bad. But I discovered that while automatic migration isn’t possible, manual migration is straightforward because your workspace transfers directly.

Environment: What Changes Between OpenClaw and OpenLobster

Here’s the architectural comparison:

Architecture Comparison

Feature               OpenClaw              OpenLobster
---------------------------------------------------------------
Memory               MEMORY.md files       Neo4j graph database or GML file backend
Multi-user           Single session only   Per-user RBAC across channels
Scheduler            HEARTBEAT.md polling  Cron + ISO 8601 task scheduler
Security             Auth disabled         Auth on by default, encrypted secrets
Backend              Node.js/TypeScript    Single Go binary
Startup              ~2-3 seconds          200ms
RAM                  ~150MB+                30MB

The key insight: your workspace folder transfers directly. What needs reconfiguration:

• Memory (MEMORY.md → Neo4j or file backend)
• Secrets (move from YAML to encrypted backend)
• Tasks (HEARTBEAT.md → scheduler)
• MCP servers (re-register with new OAuth flow)
• Channels (re-add through dashboard wizard)

Step 1: Set Up Authentication (Critical First Step)

OpenLobster requires authentication by default. This tripped me up at first—I tried to start it without setting credentials.

Set auth token before starting

# Before starting OpenLobster, set your auth token
export OPENLOBSTER_GRAPHQL_AUTH_TOKEN=your-secret-token-here

# Run OpenLobster
./openlobsterd

If you skip this, OpenLobster won’t start. Unlike OpenClaw where auth was disabled by default (leading to all those exposed instances), OpenLobster enforces security from the start.

Step 2: Configure Memory Backend

OpenLobster replaces the fragile MEMORY.md system with proper database backends. You have two options:

Option A - Neo4j (recommended for production):

Configure Neo4j memory backend

export OPENLOBSTER_MEMORY_BACKEND=neo4j
export OPENLOBSTER_MEMORY_NEO4J_URI=bolt://localhost:7687
export OPENLOBSTER_MEMORY_NEO4J_USER=neo4j
export OPENLOBSTER_MEMORY_NEO4J_PASSWORD=your-password

Option B - File backend (simpler, good for personal use):

Configure file memory backend

export OPENLOBSTER_MEMORY_BACKEND=file
export OPENLOBSTER_MEMORY_FILE_PATH=~/.openlobster/memory

I use the file backend for my personal setup. It’s simpler than setting up Neo4j and works well for single-user scenarios.

Your old MEMORY.md won’t import. I tried to find a way to migrate the memory, but the structures are too different. The agent will rebuild knowledge through new conversations.

Step 3: Start with Docker

I use Docker for running OpenLobster:

Docker run command

docker run -p 8080:8080 \
  -e OPENLOBSTER_GRAPHQL_HOST=0.0.0.0 \
  -e OPENLOBSTER_GRAPHQL_AUTH_TOKEN=your-secret-token \
  -e OPENLOBSTER_MEMORY_BACKEND=file \
  -v ~/.openlobster/data:/app/data \
  -v ~/.openlobster/workspace:/app/workspace \
  -d ghcr.io/neirth/openlobster/openlobster:latest

The startup is noticeably faster than OpenClaw—around 200ms vs 2-3 seconds.

Step 4: Copy Your Workspace

This is where migration gets easy. Your workspace folder from OpenClaw works directly in OpenLobster:

Copy workspace from OpenClaw

# Copy your OpenClaw workspace directly
cp -r /path/to/openclaw/workspace ~/.openlobster/workspace

Your skills, documents, and files transfer without changes. This was the biggest relief—I had accumulated a lot of custom skills and didn’t want to recreate them.

Step 5: Reconfigure Through Dashboard

Access the setup wizard at http://127.0.0.1:8080. You’ll need to reconfigure these items:

1. Complete the setup wizard - The wizard walks you through initial configuration
2. Re-add channels (Settings → Channels) - Your Telegram, Discord, Slack, WhatsApp connections
3. Add secrets (Settings → Secrets) - Move API keys from YAML files to the encrypted backend
4. Set up tasks (Settings → Tasks) - Replace HEARTBEAT.md jobs with proper cron schedules
5. Register MCP servers (Settings → MCP) - Re-register with the new OAuth flow

The dashboard makes this straightforward. I found it easier than editing YAML files manually.

What Does NOT Transfer

A few things from OpenClaw won’t carry over:

• OpenClaw config files - Environment variable names and structure changed
• MEMORY.md content - The agent rebuilds memory through new conversations
• Multi-user workarounds - OpenLobster has proper multi-user support, so old hacks don’t apply
• Vulnerable ClawHub skills - Good riddance. Review any skills before adding them.

Common Mistakes I Made

Mistake 1: Skipping auth token setup. I tried to start OpenLobster without setting OPENLOBSTER_GRAPHQL_AUTH_TOKEN. It failed immediately.

Mistake 2: Trying to reuse OpenClaw configs. I copied my old config files and expected them to work. The variable names changed, so I had to start fresh with the dashboard wizard.

Mistake 3: Expecting MEMORY.md import. I looked for a way to import my old memory. There isn’t one. Let the agent rebuild knowledge naturally.

Mistake 4: Ignoring MCP permission model. OpenLobster has per-user permission matrices. I had to re-add MCP servers and configure user access properly.

Mistake 5: Using vulnerable ClawHub skills. Some skills from ClawHub had known vulnerabilities. I reviewed each one before adding it.

Recommended Migration Order

Here’s the order that worked for me:

1. Copy workspace folder to ~/.openlobster/workspace
2. Set OPENLOBSTER_GRAPHQL_AUTH_TOKEN before starting
3. Run OpenLobster and complete the setup wizard
4. Reconfigure channels one by one
5. Re-add secrets through the dashboard
6. Set up tasks to replace HEARTBEAT.md jobs
7. Register MCP servers
8. Let the agent rebuild memory naturally through use

Summary

In this post, I migrated from OpenClaw to OpenLobster despite the lack of automatic migration tools. The key point is that your workspace transfers directly—you only need to reconfigure memory, secrets, channels, and tasks. OpenLobster’s proper security defaults, real task scheduler, and efficient Go binary make the manual reconfiguration worth the effort.

Final Words + More Resources

My intention with this article was to help others share my knowledge and experience. If you want to contact me, you can contact by email: Email me

Here are also the most important links from this article along with some further resources that will help you in this scope:

• 👨‍💻 OpenLobster GitHub Repository
• 👨‍💻 Migration Guide Discussion #44
• 👨‍💻 OpenLobster Documentation

Oh, and if you found these resources useful, don’t forget to support me by starring the repo on GitHub!

Comments

Tags:

• ai-coding
• ai
• performance
• security

OpenViking OpenClaw Memory Plugin: 43% Better Task Completion with 91% Lower Token Cost

OpenViking Directory Recursive Retrieval: Why Hierarchical Search Beats Flat RAG