If you’re pasting recon output into ChatGPT, you’re getting analysis of one message at a time with zero memory of what you found yesterday. That’s a party trick, not a security workflow. An OpenClaw security instance is a persistent process that remembers every target, finding, and conversation across an entire engagement. It stores your recon results and reports on its own filesystem. It uses web search and code execution to actively investigate. And it’s still there tomorrow with full context when you pick up where you left off.

Why this actually works

  • It persists across an engagement. The agent remembers every target, every finding, every conversation from day one. On day five, it knows the full attack surface it mapped without you re-explaining anything. Context doesn’t die between sessions.
  • It has a filesystem for findings. Recon results, enumeration output, vulnerability notes, draft reports. All of it lives on the instance’s volume. The agent reads and writes files like recon/acme-corp/subdomains.md, findings/ssrf-internal-api.md, reports/acme-final.md. You have a persistent, organized record of everything. Not a chat log.
  • It uses tools for research. Web search to find exposed assets, leaked credentials, tech stack details, CVE information. Code execution to test payload encoding or parse log formats. File handling to organize and cross-reference findings. The agent actively gathers information instead of just processing what you paste in.
  • It runs continuously. Start recon on Monday, come back Tuesday and pick up where you left off. The agent is still there with full context. Your engagement doesn’t reset overnight.

The setup

Create instances for each phase of an engagement:

  • Recon instance connects to a private Discord server. Give it a target scope and it uses web search to map the attack surface: subdomains, exposed services, tech stack, open ports, GitHub dorks, publicly leaked credentials. It writes structured results to recon/{target}/ on its filesystem. When you come back with a new target, previous recon is still on disk for cross-referencing.
  • Analysis instance connects to Telegram for interactive back-and-forth. Helps you reason through attack chains, suggests exploit approaches for specific vulnerability classes, and uses code execution to test encoding or generate payloads. It writes working notes to analysis/ so you can track your thought process across sessions.
  • Reporting instance connects to Slack. Describe your validated findings and it produces structured vulnerability reports: description, severity with CVSS scoring, reproduction steps, proof of concept, remediation recommendations. It reads your report template from templates/report-template.md and writes finished reports to reports/. Formatted for HackerOne, Bugcrowd, or client deliverables.

A week on an engagement

  1. Day 1. Drop the scope into the recon Discord. The agent uses web search to enumerate subdomains and exposed services. Writes results to recon/acme-corp/subdomains.md and recon/acme-corp/services.md.
  2. Day 2. You found an interesting endpoint. Message the analysis agent on Telegram. It helps you reason through the SSRF chain. You work through payloads interactively. The agent writes notes to analysis/acme-ssrf.md.
  3. Day 3. You validate the finding. Message the reporting agent on Slack. It reads the report template from its filesystem, asks clarifying questions (remembering context from prior conversations), and writes the finished report to reports/acme-ssrf-report.md.
  4. Day 5. New target on the same engagement. The recon agent still has all of Acme’s results on disk. When the new target shares infrastructure, the agent cross-references automatically.

No re-explaining. No lost context. No “wait, what did we find on that other target?”

CTF competitions

Same pattern, different instances. Create category-specific bots:

  • Web instance has exploitation cheatsheets and methodology docs on its filesystem. Uses web search to look up specific CVEs and bypass techniques. Writes solve notes to solves/.
  • Crypto instance has crypto reference material on disk. Persists across challenges so it remembers which techniques worked on earlier problems.
  • Forensics instance stores analysis notes on memory dumps, network captures, and file carving results on its filesystem.

Each instance has methodology docs on disk, tools for research, and persistent memory of what’s been tried. During competition, you message the relevant bot and pick up right where you left off instead of context-switching one agent between crypto and web.

What to configure

Filesystem per instance

  • Recon. recon/{target}/ for enumeration results, methodology/ for checklists and scope templates
  • Analysis. analysis/ for working notes, references/ for vulnerability class guides and CWE references
  • Reporting. templates/ for report formats, reports/ for finished output
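
The recon/{target}/ layout above only stays trustworthy if hostnames are checked against the engagement scope and file paths cannot leave the target's directory. The following is an added example, not OpenClaw code: the scope entries, the wildcard convention, and the function names `in_scope` and `recon_path` are all assumptions made for illustration.

```python
import re
from pathlib import Path

# Constructed scope for illustration; real entries come from the engagement's rules.
IN_SCOPE = ["acme-corp.example", "*.acme-corp.example"]
OUT_OF_SCOPE = ["payments.acme-corp.example", "*.payments.acme-corp.example"]

LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


def normalize(host: str) -> str:
    """Lower-case, drop a trailing dot, reject anything that is not a plain hostname."""
    host = host.strip().lower().rstrip(".")
    if not host or len(host) > 253 or not all(LABEL.match(p) for p in host.split(".")):
        raise ValueError(f"not a hostname: {host!r}")
    return host


def matches(host: str, pattern: str) -> bool:
    """'*.name' matches subdomains of name only; a bare name matches exactly."""
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])  # keeps the leading dot, so 'evilname' fails
    return host == pattern


def in_scope(host: str) -> bool:
    """Exclusions win over inclusions; malformed input is treated as out of scope."""
    try:
        host = normalize(host)
    except ValueError:
        return False
    if any(matches(host, p) for p in OUT_OF_SCOPE):
        return False
    return any(matches(host, p) for p in IN_SCOPE)


def recon_path(root: Path, target: str, filename: str) -> Path:
    """Resolve recon/{target}/{filename}; refuse anything not directly inside it."""
    recon_root = (root / "recon").resolve()
    base = (recon_root / target).resolve()
    path = (base / filename).resolve()
    if base.parent != recon_root or path.parent != base:
        raise ValueError("path escapes recon/{target}/")
    return path
```

Running a gate like this in the tool layer, before any result is written, enforces scope independently of the persona prompt.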

Skills

  • Web search is essential for recon and analysis. Find exposed assets, CVE details, bypass techniques.
  • File handling for all instances to read reference material and write findings to disk.
  • Code execution for the analysis instance to test payload encoding, hash cracking, or script generation.

Personas

  • Recon. Thorough, structured output. Respects scope boundaries. Knows enumeration methodology.
  • Analysis. Collaborative, reasons through attack chains step by step. Clear about authorization context.
  • Reporting. Precise, follows the template. CVSS scoring, clear reproduction steps, actionable remediation.

Three instances for a standard engagement fit on the Pro plan. CTF teams or consultancies running multiple concurrent engagements should use the Max plan.