top of page

LBSocial

OpenClaw + GitHub: Building a Real AI Teammate

Today, we are taking our AI automation to the next level by introducing GitHub as our primary collaboration platform. We are going to turn OpenClaw from a simple chatbot into your very own autonomous AI teammate—one that can write code, summarize data, and actively push finished results straight to your repositories while you manage it all from Telegram.


https://www.youtube.com/watch?v=yBbLs3VAayc
OpenClaw + GitHub: Building a Real AI Teammate

If you are just joining us, make sure you have your foundation ready. We already covered how to deploy a 24/7 AI assistant using OpenClaw on Google Cloud with Gemini as its brain. In this tutorial, we build directly on that setup to bridge the gap between your cloud environment and your codebase.



The Architecture of Your AI Teammate


To understand how this ecosystem works together, let’s look at the integration workflow.


Diagram shows Telegram to Gemini AI on Google Cloud, then to GitHub. Tasks sent and results pushed. Features colorful crab illustration.
A simplified view of how Telegram, Google Cloud, Gemini, and GitHub communicate to form your AI teammate.

As you can see, you (the developer) communicate with the agent via Telegram. The OpenClaw Virtual Machine (VM) sits on Google Cloud and uses Gemini AI to process your requests. Once the work is done, OpenClaw interacts directly with your GitHub repository to clone files, push changes, and resolve open issues.


Setting Up Your Private GitHub Repository


Because we are working with an autonomous agent, security is our top priority. We want our agent working in a locked-down, safe environment.


Head over to GitHub and create a new repository. I named mine openclaw-demo for this tutorial. Make absolutely sure you set this repository to Private. We do not want the agent to accidentally expose or mess with public code while we are testing.


Configuring Agent Access: Fine-Grained Tokens


Next, we need to give OpenClaw permission to access this new repository. We will follow the principle of least privilege. Do not use a classic Personal Access Token (PAT) that gives access to your whole account. Instead, we will generate a Fine-grained token.


Access token generation screen from GitHub for "openclaw-github-key," showing permissions for repository tasks like contents and issues.
Always select specific repository access and limit permissions to only what the agent needs

Go to your Developer Settings in GitHub and create a new Fine-grained token. Under "Repository access," select only the private repository you just created. Then, give the agent "Read and write" permissions for three specific areas: Content, Pull requests, and Issues.


Generate the token and copy it somewhere safe.



Configuring the OpenClaw VM: Essential Commands


Now we need to pass this secure token to our OpenClaw VM on Google Cloud. Open up your VM terminal.


First, we need to make sure the official GitHub CLI (gh) is installed on the machine so OpenClaw can communicate with GitHub. Run the following command to update your package list:


sudo apt update

Once that is updated, install the GitHub CLI by running:


sudo apt install gh -y

Next, we need to store the API token securely. We are going to create a hidden configuration folder specifically for GitHub.


mkdir -p ~/.config/github

To ensure no other users or processes on the VM can snoop on this folder, we will change its permissions so only the owner has access:


chmod 700 ~/.config/github

Now we will write your token directly to a file in that secure folder. Make sure to replace YOUR_GITHUB_TOKEN_HERE with the actual token you copied from GitHub.


printf '%s' 'YOUR_GITHUB_TOKEN_HERE' > ~/.config/github/lbsocial-openclaw-test.token

Finally, we lock down that specific file so it can only be read and written by you:


chmod 600 ~/.config/github/lbsocial-openclaw-test.token

You can now jump into Telegram and ask OpenClaw to verify that it can read the token and access the repository!



Real-World Collaboration & Teamwork


With the setup complete, you can start delegating tasks. In the video demo, I showed how OpenClaw can handle two major GitHub workflows:


1. Managing Pull Requests: I asked OpenClaw via Telegram to set up a README file. OpenClaw created the file locally in its workspace and automatically generated a Pull Request (PR) on GitHub. I was then able to review the code, approve it, and merge it safely.


GitHub pull request and WhatsApp chat. Left: Initial setup for README in a repository. Right: Chat discussing repository setup and reviewing pull requests.
Reviewing and merging a Pull Request automatically generated by OpenClaw

2. Resolving GitHub Issues: I created a new Issue on GitHub asking to "create an image folder." I then messaged OpenClaw to address the open issue. The agent read the issue, wrote the necessary code (including generating an SVG file when the standard image tool was disabled!), and submitted a PR to resolve the issue entirely on its own.


GitHub interface on the left shows a SVG file named avatar.svg with a cloud logo. On the right, a chat discussing creating and uploading an SVG file.
OpenClaw demonstrating autonomous problem-solving—coding an SVG file from scratch to fulfill the GitHub Issue when standard image generation was unavailable

Crucial Best Practices: Security and Tokens


Before you let your AI teammate run wild, please remember these final safety tips:


  • Least Privilege: Grant the agent access only to the repositories it needs to do its job.

  • Safe Tools: Only enable tools and skills for the agent that you completely understand.

  • Token Caps: Because OpenClaw is autonomous, a bug or an infinite loop could cause it to consume a large number of tokens very quickly. Always set a strict token cap or a hard budget limit in your API dashboard to prevent unexpected costs.

Comments

bottom of page