ClawHosters
by Daniel Samer
6 min read
Most people treat OpenClaw like a chat assistant. Type a question, get an answer. But that's like using a Formula 1 car to drive to the grocery store. OpenClaw is a modular prompt assembly runtime, and SOUL.md is the file that tells it who to be.
Every single message your agent processes, SOUL.md gets injected into the system prompt. Every turn. That means it costs tokens on every interaction, and it shapes every response. Get it right, and your agent feels like a colleague who knows your business. Get it wrong, and you're burning money on a confused bot.
What SOUL.md Actually Does
SOUL.md is a Markdown file that defines your agent's personality, rules, and long-term instructions. Think of it as the system prompt that persists across sessions. When OpenClaw boots, it reads SOUL.md and injects its contents at the top of every conversation.
Here's what most people miss: OpenClaw doesn't just send SOUL.md to the model. It dynamically assembles a system prompt from multiple sources. Your SOUL.md, plus active Skills, plus Memory context, plus User Identity metadata, plus Model Aliases configuration. All of it gets stitched together before hitting the LLM.
That's why sub-agents behave differently from your main agent. Sub-agents get a "minimal" mode that strips memory, messaging hooks, and heartbeat functions. Same SOUL.md, different runtime context.
What Goes Inside SOUL.md
I've seen SOUL.md files ranging from 5 lines to 500. Both extremes cause problems. Based on what we've observed across ClawHosters instances, the sweet spot is 50 to 150 lines, organized into three sections.
Personality and Tone: How the agent communicates. "Respond in a professional but friendly tone." "Never use emojis." "Keep answers under 200 words unless asked for detail." Be specific here. "Be concise" means nothing to an LLM. "Maximum 5 bullet points per response" gives it something to work with.
Core Rules and Boundaries: What the agent must or must not do. "Never share pricing information without checking the current price list." "Always ask for order number before looking up shipment status." These are your guardrails.
Long-term Instructions: Scheduling preferences, formatting rules, workflow patterns. "When I ask about inventory, always check both warehouses." "Format all dates as DD.MM.YYYY."
One thing that trips people up, as the OpenClaw Experts guide points out: position matters. Models weight instructions at the beginning of the system prompt more heavily than instructions at the end. Your most important rules go at the top of SOUL.md. Not the middle. Not scattered around. Top.
The Token Math You're Probably Ignoring
Every character in SOUL.md costs tokens on every message. Let's do the math.
A 150-line SOUL.md file runs roughly 3,000 to 4,000 tokens. According to the DeepWiki source analysis, OpenClaw's bootstrap files (system prompt, active skills, memory context) can eat 35,600+ tokens per message before your user even types "hello." There's a per-file limit of 20,000 characters and a total limit of 150,000 characters across all loaded context.
Anthropic's prompt caching helps here. If your SOUL.md stays stable between messages (which it should), the cached portion saves 80 to 90% on input token costs. But if you're dynamically modifying SOUL.md between turns, you blow the cache every time. Our token cost optimization guide covers the full cost breakdown.
Bottom line: keep SOUL.md stable and concise. Don't stuff it with instructions you only need occasionally. Put those in Skills instead.
Memory: Where Instructions Actually Persist
OpenClaw's memory system uses SQLite with FTS5 full-text search and sqlite-vec for vector embeddings. When the agent needs to recall something, it runs hybrid scoring, 70% vector similarity plus 30% BM25 keyword match, to find the most relevant memories.
Here's the key rule: if it's not written to a file, it doesn't exist long-term. Instructions you give only in chat will eventually get compacted away. We covered exactly this failure mode in our security piece about ClawBands. If a rule matters, put it in SOUL.md or a dedicated instruction file. Chat-only instructions die at compaction.
The Safety Gap You Need to Know About
SOUL.md guardrails are advisory, not enforced. If you write "never execute shell commands" in SOUL.md, the LLM will try to respect that. But a sufficiently creative prompt injection can bypass it. SOUL.md is a suggestion layer, not a security boundary.
For hard enforcement, use tool policies in your OpenClaw configuration. Tool policies operate at the runtime level, blocking tools before the LLM even sees them. That's a wall, not a suggestion. Our security hardening guide walks through both layers.
How ClawHosters Handles This
On ClawHosters, every instance gets its own dedicated context window and pre-configured prompt settings. The dashboard gives you a UI for editing SOUL.md without touching config files, and the container isolation means your prompt context stays private.
If you're self-hosting, you manage all of this manually. The free LLM API guide covers getting started on the cheap, and our self-hosted vs managed comparison breaks down what you're signing up for.
