Long-lived OpenClaw gateways on a 24/7 macOS Mac mini accumulate context faster than spreadsheets predict: every Slack thread appends tool transcripts, every failed command retries with verbose stderr, and every attachment preview inflates base64 blobs inside conversation state. By week three, operators notice p95 latency climbing above 8 seconds even though CPU stays under 45%—the model vendor is ingesting megabytes of redundant text, not crunching harder math. This runbook explains how to prune conversation memory, bound tool output, align per-turn token ceilings with provider limits, and rehearse changes on real hardware. Pair it with token budgets and tool throttling, JSON and environment hygiene, and gateway doctor diagnostics so pruning policies never fight your auth or routing tables.
You will get a decision matrix, numeric starting points (token caps, retention windows, log rotation sizes), macOS-specific footguns, and a FAQ aimed at platform engineers.
Signals that memory is the bottleneck
Rising time-to-first-token while CPU and GPU remain low usually means oversized prompts. Another tell is disk write spikes every 90 seconds when the gateway snapshots entire threads—even idle channels cost money.
Finance-friendly counters: average prompt tokens per turn, tool stdout bytes appended per hour, disk free percentage on the root volume, and reopened tickets tagged “assistant forgot earlier decision.” Without those four series you cannot prove a pruning change helped.
When incidents strike, freeze feature work: snapshot redacted transcripts showing duplicate tool payloads, then roll back the last summarization change.
Document “break-glass” temporary retention boosts with ticket IDs; otherwise teams silently disable pruning during launches and wonder why monthly bills doubled.
Support should capture whether slowdowns happen on first message of the day or only after long threads—first-message slowness points to cold start misconfiguration, thread-only slowness points to pruning gaps.
Matrix: summarization vs hard truncation
| Strategy | Quality | Cost | Risk |
|---|---|---|---|
| LLM summarization each N turns | High continuity | Extra model calls | Summaries can drop compliance-critical numbers |
| Hard truncation with pinned system facts | Cheaper | Low token overhead | Users perceive “forgetfulness” if pins are incomplete |
| Hybrid: summarize tool noise only | Balanced | Medium | Requires schema-aware redaction |
Hybrid wins in 2026 for most teams: keep user decisions and ticket IDs verbatim, compress noisy shell logs beyond 4 KiB per tool call.
Numeric defaults that survive audits
Initial knobs: keep the last 30 user-visible turns verbatim, summarize older content into ≤ 900 tokens of bullet notes, cap any single tool attachment preview at 64 KiB before base64, and refuse new attachments when free disk falls below 12%.
Cap total wall-clock summarization jobs at 3 concurrent workers so summarization itself does not starve interactive replies.
When providers publish maintenance windows, pre-emptively lower summarization frequency by 50% starting 15 minutes before the window—prevents overlapping compaction with vendor brownouts.
Red-team with replay files containing 200-turn threads; if more than 2% of synthetic sessions lose pinned compliance facts, your summarization prompt still leaks.
Version pruning tables in Git; on-call should never guess which constants were live during an incident.
macOS disks, LaunchAgents, and logs
launchd jobs writing verbose transcripts to ~/Library/Logs can exhaust APFS containers faster than Linux ext4 teams expect. Rotate logs at 256 MB per file with 5 generations retained.
Combine pruning with local fork limits—see the throttling guide for concurrency caps that prevent summarization workers from forking endlessly.
If hardware procurement is slow, rent a cloud Mac mini to rehearse compaction: MacHTML Apple Silicon hosts commonly price near $16.9/day with SSH/VNC for live disk and latency captures.
After changing pruning constants, restart the gateway LaunchAgent and confirm environment variables synchronized across every plist path documented in JSON/env profiles.
Run doctor probes post-deploy: verify RPC health before declaring the compaction rollout complete.
Channel UX while pruning
Slack and Teams users tolerate summarization when copy explains why. Emit a templated note when compaction drops more than 40% of raw tokens, and link to an internal FAQ about retention.
Product managers often ask for “infinite memory.” Translate that request into explicit budgets: show them the dollar cost per 1,000 extra prompt tokens averaged over a week, then propose a pinned facts block that survives summarization. Teams that adopt pinned facts see roughly 18–28% lower monthly spend without measurable satisfaction drops in internal surveys.
For public-facing bots, add a short “memory refreshed” line after compaction so users know a long legal disclaimer may need reconfirmation—especially in regulated industries where prior consent strings must remain verbatim.
Avoid echoing raw tool stderr into channels after pruning—it may resurrect secrets you thought redacted.
When multilingual teams share one gateway, localize summarization notices per workspace locale header.
Throttle typing indicators so clients do not spam events while summarization jobs run—those events amplify provider load.
Telemetry and finance-friendly metrics
Export histograms of prompt token counts before and after pruning—divergence below 25% usually means summarization failed silently.
Tag each compaction run with the Git SHA of your summarization prompt so finance can correlate invoice spikes with prompt edits rather than blaming the vendor blindly. When spikes exceed 12% week-over-week, open a blameless review within 48 hours while raw logs are still retained.
Alert when disk free falls below 15% for more than 10 minutes; page infra before the gateway blocks writes mid-compaction.
Retain structured audit logs for 90 days with correlation IDs tying user messages to compaction versions.
Dashboard success rate of “first attempt answered” alongside prompt token averages so product does not optimize latency while silently exploding cost.
Quarterly, manually review 35 longest threads; automated bucketing still mislabels vendor slowdowns as local memory bugs.
Security when deleting context
Never log entire prompts alongside compaction markers—incident bundles should store hashed conversation IDs only. Redact API keys from debug dumps even when engineers are tired at 3 a.m.
GDPR and SOC2 auditors often ask how you prove users were informed before destructive pruning; keep banners and consent timestamps in the same audit index as compaction jobs.
Rotate shared provider keys after any suspected leak, and temporarily tighten summarization concurrency until new keys propagate to every LaunchAgent plist.
Pen-test scripts that hammer “summarize now” endpoints: ensure authentication and rate limits apply so attackers cannot turn compaction into CPU exhaustion.
Finally, rehearse failover: snapshot the on-disk thread store, simulate a failed compaction mid-write, and verify the gateway refuses to start rather than serving partially truncated history. That single drill prevents the worst class of support tickets where users see mismatched answers after an overnight deploy.
FAQ
Should pruning run per message or per hour?
Per message for hot channels; hourly for quiet workspaces to avoid churn.
Does pruning replace throttles?
No—combine both layers.
Why rehearse on a physical Mac mini?
macOS scheduling, disk pressure, and Keychain behavior differ from Linux CI.
Apple Silicon Mac mini hardware remains the most faithful rehearsal platform for OpenClaw memory policies: predictable thermals during long captures, native filesystem behavior for log rotation, and LaunchAgent timing that matches production. MacHTML rents cloud Mac mini hosts with SSH/VNC so platform teams can validate pruning, throttles, and doctor probes without another CapEx cycle—provision for the drill, capture evidence, tear down when green.
Rehearse OpenClaw memory policies on a cloud Mac mini
Rent Apple Silicon capacity to test transcript pruning, disk rotation, and gateway doctor checks on real macOS.