Inspiration

Retail investors today are stuck between two bad options: generic robo-advisors that don’t know their real-life constraints, and manual trading that demands constant screen time and discipline. I wanted an AI “co-pilot” that could understand plain-language instructions, respect risk limits, and then do the grunt work of monitoring markets and preparing orders. OpenClaw and Auth0’s Token Vault felt like the perfect combo to make that both powerful and safe.

What it does

OpenClaw Wealth Pilot lets you message an AI advisor on Telegram in natural language (for example: “shift 10% from cash into large-cap tech over the next week, but cap daily downside at 1%”). The agent turns those instructions into structured goals, pulls real-time market data, and produces portfolio-aware analysis and trade recommendations. When you confirm a plan, it uses Auth0 for AI Agents Token Vault to obtain scoped, short-lived credentials and submit IBKR orders on your behalf, without ever handling long-lived API keys or raw passwords.

How we built it

The core agent runs on OpenClaw, using a skill graph that connects three main pieces: Telegram as the user channel, market data and portfolio APIs for analysis, and Auth0 Token Vault for secure broker access. We defined a “wealth-pilot” agent template that encodes risk preferences and portfolio constraints, then wired it to call out to tools for quote retrieval, portfolio snapshots, and order simulation before asking the user to confirm. On the security side, we integrated Auth0’s Token Vault so the agent can exchange a delegated token for IBKR access tokens with tightly-scoped permissions and automatic expiry. The project is packaged as an OpenClaw deployment with configuration for the Auth0 tenant, Telegram bot token, and IBKR sandbox, so it can run as a long-lived service.

Challenges we ran into

Designing the right trust boundary was tricky: the agent needs enough authority to act usefully, but not so much that a prompt injection could lead to unrestricted trading. We had to experiment with how to use Token Vault scopes, token lifetimes, and per-action confirmation to keep the blast radius small while still feeling “autonomous.” On the UX side, turning messy natural-language instructions into a structured plan (asset universe, time horizon, risk bounds) and then explaining that back to the user in a clear, human way took several iterations of prompt engineering and tool design.
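One way to enforce the per-action confirmation described above, shown as an added example that is not the project's own code: a gate that runs before any broker token is requested and only allows the exact order the user confirmed, once, within a short window. `GATE_KEY`, `CONFIRM_TTL`, the function names and the sample order are assumptions, and no Auth0 or IBKR API is called.

```python
import hashlib, hmac, json, secrets, time

# Hypothetical gate key: held by the confirmation service, never given to the agent/LLM.
GATE_KEY = secrets.token_bytes(32)
CONFIRM_TTL = 120        # seconds; assumed value, kept short like the broker token
_used_nonces = set()     # in-memory replay cache (a shared store in a real deployment)

def _digest(user_id, order, nonce, expires):
    # Canonical JSON so the same user/order/nonce/expiry always yields the same MAC.
    body = json.dumps({"u": user_id, "o": order, "n": nonce, "e": expires},
                      sort_keys=True, separators=(",", ":"))
    return hmac.new(GATE_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_confirmation(user_id, order, now=None):
    """Called only from the user's tap-to-confirm handler, never as a model tool."""
    now = time.time() if now is None else now
    nonce, expires = secrets.token_hex(16), int(now) + CONFIRM_TTL
    return {"nonce": nonce, "expires": expires,
            "mac": _digest(user_id, order, nonce, expires)}

def authorize_order(user_id, order, conf, now=None):
    """Run before any broker token is requested. Returns (allowed, reason)."""
    now = time.time() if now is None else now
    try:
        nonce, expires = str(conf["nonce"]), int(conf["expires"])
        mac = str(conf["mac"]).encode()
    except (KeyError, TypeError, ValueError):
        return False, "malformed confirmation"
    expected = _digest(user_id, order, nonce, expires).encode()
    if not hmac.compare_digest(expected, mac):
        # Any change to symbol, side, quantity, limit or user breaks the MAC.
        return False, "order does not match what the user confirmed"
    if now > expires:
        return False, "confirmation expired"
    if nonce in _used_nonces:
        return False, "confirmation already used"
    _used_nonces.add(nonce)  # single use: one confirmation, one order
    return True, "ok"

# Constructed sample data.
confirmed = {"symbol": "AAPL", "side": "BUY", "qty": 10, "limit": "180.00"}
tampered = dict(confirmed, qty=1000)  # the agent's order after an injected instruction

if __name__ == "__main__":
    c = issue_confirmation("user-1", confirmed)
    print(authorize_order("user-1", tampered, c))
    print(authorize_order("user-1", confirmed, c))
```

Because the MAC covers the order fields, a model that has been steered by injected text can change what it asks for but cannot change what the gate lets through.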

Accomplishments that we're proud of

We’re proud that the agent never sees or stores raw brokerage credentials; all sensitive access is mediated by Auth0 for AI Agents, which dramatically reduces the risk of key leakage. The second big win is the Telegram-first UX: users don’t need to learn a new dashboard—they just chat, review a concise trade plan, and tap to confirm. Finally, we like that the architecture is reusable: the same pattern (OpenClaw + Token Vault + domain-specific tools) could be applied to other regulated actions like invoice payments or bill management.

What we learned

We learned that “agentic finance” lives or dies on access control design; getting OAuth flows, token exchange, and scopes right is at least as important as model choice. We also saw how powerful OpenClaw’s skill system is for breaking down complex financial workflows into small, testable tools that the agent can orchestrate. Finally, we gained a much better understanding of how to design conversational UX for high-stakes actions, including when to slow the user down and demand explicit confirmation.

What's next for OpenClaw Wealth Pilot

Next, we want to add richer portfolio intelligence (for example, scenario analysis, tax-aware rebalancing, and “what if” simulations) so the agent can propose more nuanced strategies. We also plan to expand beyond IBKR to support multiple brokers and regions using the same Token Vault-based security model. Longer term, the goal is to turn OpenClaw Wealth Pilot into a reusable template so other developers can plug in their own data sources, models, and execution venues to spin up specialized AI wealth copilots quickly.

Built With

  • auth0-for-ai-agents-token-vault
  • openclaw
  • python
  • telegram-bot-api
  • typescript