ClawShop launches OpenClaw resources with SecretRef and PinchBench

• Kilo Code's workshop recap framed ClawShop as a 30 minute path to a cloud agent, covering model choice, identity setup, and Gmail, Google Calendar, and Telegram connections, while the linked ClawShop attendee guide adds Docker plus separate bot GitHub and Google accounts.
• Josh Avant's SecretRef walkthrough says KiloClaw now keeps API keys out of config files, and OpenClaw's SecretRefs docs describe the same pattern as env, file, or exec backed credentials resolved into an in memory runtime snapshot.
• Kilo's closing resources post turned the event into a mini reference shelf: ClawBytes for copy and run recipes, plus PinchBench, which currently shows 50 models across 608 OpenClaw benchmark runs.
• OpenClaw 2026.4.10 shipped an Active Memory plugin, local MLX Talk mode, a Codex app-server harness, Teams message actions, and SSRF hardening, with the release notes filling in the implementation details.
• Kilo's Swiss cheese security post laid out five isolation layers for hosted agents, while Rohan Paul's PetClaw demo showed the other end of the stack, a one click desktop wrapper built on OpenClaw.

You can skim the attendee guide, browse the ClawBytes cookbook, and jump straight into the 2026.4.10 release notes. The weirder connective tissue is that the stack now spans hosted setup, secret handling, benchmark infrastructure, and a desktop pet shell, with Kilo's security blog and the PinchBench leaderboard making that expansion unusually concrete.

The workshop goal was blunt: get everyone running an agent in the cloud within 30 minutes. According to the recap, that session covered three pieces: model selection, identity config, and service hookups for Gmail, Google Calendar, and Telegram.

The linked ClawShop attendee guide adds the operational detail that usually gets skipped in agent demos. It recommends Docker Desktop, a dedicated GitHub account for the bot, and a separate Google account, which is a clean way to separate personal data from agent credentials.

SecretRef is the quietest useful feature in this bundle. Avant's demo thread describes it as native key handling that avoids plaintext config files entirely, and OpenClaw's secrets docs match that design: credentials can point to env, file, or exec sources, and onboarding validates active references before startup.

Kilo paired that with a stronger platform security pitch. The Swiss cheese thread lists five isolation layers:

1. Auth and access control
2. App isolation
3. Network isolation
4. Process isolation via Firecracker microVMs
5. Storage isolation

The companion security blog post says an external assessor spent 10 days on threat modeling, code review, adversarial testing, and live infrastructure testing, echoing the tweet's counts of 35 tenant isolation tests and 8 live cross tenant network tests.

ClawBytes looks less like documentation and more like an agent app store with better taste. The official cookbook says it is organized by category, integrations, and tags, and the current menu includes recipes like Inbox Zero Bot, Issue Whisperer, Source Hunter, Task Whisperer, and an Anti-AI Slop Filter.

PinchBench gives the stack a public measuring stick. Kilo's recap calls it an open source benchmark for agentic performance, and the live PinchBench site currently exposes success rate, speed, cost, value, graphs, 50 models, and 608 runs across standardized OpenClaw agent tests graded by automated checks plus an LLM judge.

The release itself adds several subsystems at once. The release notes say the new Active Memory plugin runs a blocking memory sub-agent before the main reply, with recent, message, and full context modes, /verbose inspection, and optional transcript persistence for debugging. The separate Active Memory docs confirm that those transcripts are temporary by default.

The same release also bundles a Codex provider and plugin owned app-server harness so codex/gpt-* models use Codex managed auth, native threads, model discovery, and compaction, while openai/gpt-* stays on the normal provider path. Local MLX Talk mode and Teams actions for pins, reactions, and read state round out the update.

PetClaw is where this ecosystem starts to look consumerish in the best way. Rohan Paul's demo pitches it as a local OpenClaw based desktop pet that installs in one click, works through voice and chat, remembers context, and turns successful ad hoc workflows into reusable skills.

The official PetClaw site makes the same case in product copy: download for Mac or Windows, single click setup, voice first interaction, and skill teaching through simple commands. An earlier thread in the same demo series adds the detail that the beta currently hands out an access code and free credits, which is a very different distribution model from the hosted KiloClaw workshop that opened this whole story.