Distilled paradigms, architectural patterns, and discoveries from working with Claude Code and OpenClaw.
17 design paradigms: CLAUDE.md as executable spec, skill-first forcing function, subagent pipelines, two-tier knowledge architecture, the description trap, hard gates vs soft suggestions, verification-before-completion, persuasion in prompts.
Seven-layer dual-purpose architecture, dual enforcement model (soft + hard), trust level separation across channels, hybrid memory search, CVE-2026-25253.
Assume-compromise philosophy, sandbox configuration, exec allowlists, tool deny-lists by trust level, data exfiltration vectors, workspace file security, CRON isolation.
The description trap, eval-driven TDD for skills, hard gates beat soft suggestions, persuasion techniques, verification patterns, slash commands vs skills, hot-reload workflow.
Reusable patterns from little-trees (CDN-only frontend, SVG-to-3D), ramen-eggs (accessible forms, origin-based CORS), tetris-flow (build gates, AbortController teardown, dual OAuth quota switching).
Collected footguns: gog sheets spelling, ln -sfn, memory path encoding, .sh extension trap, CVE upgrade-first, CRON session escalation. Plus 10 invariants that should never be violated.
Seven patterns that recur across all six topic files:
- Hard enforcement > soft enforcement. Structural constraints (sandbox, allowlists, deny-lists) beat prompt instructions. Applies to LLM agents (Security Playbook), skill design (Skill Development), and build pipelines (Project Patterns).
- Every layer does double duty. Each architectural layer both specializes and constrains. Security isn't bolted on — it's a property of every component (OpenClaw Architecture).
- Evidence before assertions. Born from 24 "I don't believe you" failures. Verify in the same message, not the next one (Skill Development, Gotchas).
- Allowlists over deny-lists. Deny-lists miss things. Allowlists are secure by default — for exec binaries, tool access, and plugin installation (Security Playbook).
- Descriptions trigger, bodies instruct. Whether it's a skill, a CLAUDE.md entry, or a workspace file — keep the "when" separate from the "how" (Skill Development, Gotchas).
- Minimize dependencies, maximize constraints. Zero-dep frontends, five-binary sandboxes, append-only correction logs. Simplicity reduces attack surface and cognitive load (Project Patterns, Claude Code Paradigms).
- Trust is contextual, not global. Per-channel permissions, per-project settings, machine-local memories. Nothing inherits more access than it needs (OpenClaw Architecture, Gotchas).
Wiki-style — each file is self-contained and scannable in under 2 minutes. Cross-references link between files where topics overlap.