Writing · OpenClaw · Runtime economics

By Younes Abouelnagah · Published May 1, 2026

Operating OpenClaw reliably for a client: tokens, churn, and a stability fork

The COGS of a real agent deployment fit on a napkin. The operational tax of a fast-moving upstream did not, until we turned it into governance and called it KissClaw.

Younes Abouelnagah

Written by Younes Abouelnagah, founder of Machine Wisdom AI

These operator field notes are part of the Machine Wisdom AI record on the economics and release governance of production AI agents: token COGS, runtime churn, canaries, rollback discipline, and stability forks.

Two charts: a cost-routed model keeping token spend to a fraction of what a frontier model would cost, with infrastructure a thin sliver of the total; and a timeline of one month of date-versioned upstream releases producing silent message drops, a crash loop, and a default flip that leaked tool internals, ending in a pinned, semver-governed fork.
The two bills of production agents: tokens are the COGS, upstream churn is the tax. Tap to open full size.

This is the operator's ledger from our managed AI agent deployment, built on the OpenClaw runtime and deployed for real customers. The first number is what the thing cost to run. The second is what it cost to keep safe and stable.

The COGS fit on a napkin

Our flagship deployment, a procurement research team running multi-hour document analysis sessions nearly every day, burned a few hundred dollars a month in tokens. The infrastructure underneath it was almost noise: compute, VPN, and search APIs together came to roughly a tenth of the token bill per agent. Tokens were the overwhelming majority of the cost.

That number was a choice, not luck. The workload was sustained reading, comparison, and structured summarization, and we routed it to a cost-efficient model rather than a frontier one. A frontier model would have cost several multiples more for capability the workload did not need. The scaffolding, persistent memory, skills, validated prompts, did the work that people usually try to buy from the model.

Two mechanics made that choice cheap to make and cheap to revisit. Per-agent model routing: each agent has its own model configuration, so one can move up to a stronger model without a fleet-wide cost decision. And per-agent API keys: each agent's spend is its own line item with its own rate limits, so COGS per agent is a number you read, not an allocation you argue about. If you remember one thing about agent unit economics, make it this: match the model to the workload, and instrument cost per agent from day one. The spread between a defensible COGS and an indefensible one is wider than any infrastructure decision you will make.

I have written before about the seven hidden costs of production AI. This deployment confirmed the thesis from the inside: inference was manageable and measurable. The cost that does not show up on the OpenRouter dashboard was the one that hurt.

The bill the dashboard doesn't show: upstream churn

OpenClaw was capable enough that the operating model felt safe to lean on: channels, tools, skills, cron, and sessions that would take a team a year to rebuild. The product surface was real, and that is exactly why I treated a fast-moving runtime as a customer substrate before we owned enough release governance of our own. It is built for velocity: releases are date-versioned feature trains, there are no patch releases for a given version, and semantic defaults move between releases without ceremony. For an operator with paying customers on the line, every routine version bump is a behavior change you have not discovered yet.

In one stretch of spring 2026, consecutive upstream releases gave us: a version that silently dropped messages ("Agent couldn't generate a response"), a version whose plugin-dependency rework crash-looped channel polling, and, the one that made it personal, a version that flipped a streaming default so that internal tool-call previews, file paths and shell commands included, streamed straight into a customer's chat. Nothing in our code changed. The ground moved. I wrote up the OpenClaw stability war stories separately because those incidents deserve their own ledger.

We kept a known-bad version table the way other teams keep a CVE list, and the worst week of the system's life, a multi-day spiral of grouped symptoms, an over-broad upgrade, and manual production rescue that left host state drifted from code, produced the lessons that reshaped how we operate. The discipline that came out of it:

1 Pin everything, upgrade nothing by reflex

The runtime version is pinned per host with auto-update disabled, and so is everything around it: the skills bundle, the VM image, the config schema. An upgrade is a decision with a checklist, not a side effect. The single most damaging instinct we had to unlearn was "something is broken, let's upgrade and see." Three independent customer symptoms once got grouped into one over-broad upgrade response, and the week that followed taught us to diagnose each symptom against the version that produced it.

2 Diff the changelog and the config schema before every bump

Because defaults are behavior, every candidate version gets its changelog read and its configuration types diffed against the running version. The question is not "what features did we gain?" but "what changed underneath us that we didn't ask for?" The tool-progress default flip would have been caught by exactly this, which is why the step exists.

3 Smoke the real channel, not the CLI

A version that passes CLI smoke tests can still crash-loop on channel polling or drop messages silently. Pre-deploy verification has to exercise the actual path customers use, a real message, through the real channel, to a real agent session, and release artifacts get installed in a clean environment first, because "works in the dev tree" has fooled us before.

4 Canary on a real workload, then soak

One tenant-shaped canary runs the new version against realistic traffic for 48 hours before any customer host sees it. Most of the failures that mattered did not appear in the first ten minutes; they appeared when a long research session, a cron job, and a token refresh overlapped.

5 Type the rollback before you start

Every upgrade begins by writing down, literally, in the terminal, the exact command that reverts it. When something does break at 11pm, the difference between a five-minute incident and a lost evening is whether the way back was decided while you were calm.

When discipline isn't enough: fork as governance

Checklists tame individual upgrades. They do not change the underlying mismatch: an upstream optimized for shipping fast, consumed by an operation that needs the ground to hold still. So we built KissClaw, a production-stability downstream of OpenClaw. Not a feature fork, and not a rewrite: a governance layer over an upstream we continue to respect and track.

The mechanics are deliberately boring. KissClaw pins a vetted upstream baseline and re-versions it under SemVer, with a GA channel cut at most every two weeks from upstream releases that have aged at least ten days, and an LTS channel promoted quarterly. It stays a drop-in replacement, same binary name, same config location, same plugin SDK, so hosts swap one tarball for another. The branch model structurally prevents raw upstream from leaking into a release: governance and release workflows live on a permanently maintained patch branch, release branches cut from there, and CI verifies that every release artifact was built from a tagged release branch and not from the upstream mirror.

The most important policy is about restraint: backports are incident-driven only. A commit gets cherry-picked from upstream only when it addresses a tracked production incident, never because it "looks useful." We learned that one the hard way: an earlier attempt at curating upstream by cherry-picking recently-merged, useful-looking PRs produced 21 backports that addressed zero production incidents and shipped four broken references. When three or more incidents would be fixed by a newer baseline, the policy prefers advancing the whole baseline over growing an unbounded cherry-pick set.

And because cherry-picks onto an older baseline love to reference helpers that never came along for the ride, every backport is validated by a purpose-built tool, kc-check-imports: it simulates each cherry-pick in a disposable worktree against the real baseline and runs the TypeScript compiler's module resolution over the touched files, catching unresolved imports that no regex review would find. It runs per-candidate in CI (so failures attribute to a specific commit), over the accumulated final tree (so same-release backports that depend on each other get caught), and as a pre-commit check.

None of this is glamorous. That is the point. The fork's entire feature set is predictability, and predictability turned out to be the scarcest resource in the open-source agent ecosystem.

The bottom line

Building on a fast-moving open-source agent runtime taught us a hard lesson: it let us ship a working product to a real team faster, and the wins were real, but I would not make that bet again without release governance in place before the first customer depended on it. The build-versus-buy math for agent infrastructure has a third column most spreadsheets miss: the cost of consuming someone else's velocity. You will pay it as upgrade discipline, as canary infrastructure, as field notes from incidents, and past a certain stake, as a governance fork with its own release engineering.

Price all three columns. The tokens, it turns out, are the cheap part.

Operating OpenClaw for a client?

Whether to adopt a runtime, how to pin and upgrade it, when a fork is justified, and what your real per-agent COGS will be: these are decisions cheaper to make before production than after. I learned that one the expensive way.

Stay Updated

Subscribe for frameworks and engagement briefs on production AI, agents, and governed autonomy.