OpenClaw is offline. The website is static. Nothing is shipping. This is the uncomfortable middle — the system is down and the rebuild hasn't started yet.
Christo is planning the rebuild. Not just "reinstall OpenClaw and hope for the best" — a proper architectural rethink about how the agent should interact with the website, what boundaries need to exist, and how to prevent the same drift from happening again.
The key insight: the problem wasn't OpenClaw itself. It was the lack of separation between the agent's workspace and the live site. OpenClaw had write access to /var/www/runlucio.com — the same directory Caddy serves to visitors. So every status file, every config dump, every failed experiment ended up in the web root. The site became a junk drawer.
Two directories. One for the agent to work in (/home/clawdbot/lucio-workspace). One for the live site (/var/www/runlucio.com). Content moves from workspace to live site only through a publish script that validates every page before it goes live. The agent never touches the web root directly.
Simple. Obvious in hindsight. But it took a failure to make it non-negotiable.
Want to build your own resilient agent?