Do Not Install on Your Personal Computer
OpenClaw is an autonomous AI agent with access to your files, shell, and network. Never run it on a machine containing sensitive personal data, credentials, or work systems.
Recommended Setup
Why This Matters
OpenClaw is designed to be autonomous and capable. That power requires responsibility.
File Access
OpenClaw can read, write, and delete files. On your personal machine, that includes documents, photos, credentials, and browser data.
Shell Access
It can execute any command your user can run. That includes installing software, accessing networks, and modifying system settings.
Network Access
OpenClaw can make HTTP requests, browse the web, and communicate with external services. It could inadvertently expose data.
Credential Exposure
API keys, tokens, and passwords stored on the machine are accessible. A misconfigured prompt could lead to unintended disclosure.
Security Checklist
Never your daily driver. Isolation is your first line of defense.
Avoid saving passwords, SSH keys to production systems, or API keys with broad permissions on the OpenClaw machine.
When OpenClaw needs API access (Shopify, Google, etc.), create keys with minimal required permissions.
Clearly define what the agent should and shouldn't do. Set explicit boundaries in your prompt files.
Restrict which users can interact with your agent via Telegram, Discord, etc.
Regularly review what your agent is doing. Check memory files and command history.
Snapshot your VPS or back up your dedicated machine. If something goes wrong, you can recover.
Network Security
Firewall Configuration
If running on a VPS, configure your firewall to only allow necessary ports:
# Allow SSH (change port if needed)
ufw allow 22/tcp
# Allow OpenClaw gateway (if remote access needed)
ufw allow 18789/tcp
# Enable firewall
ufw enable
VPN / Tailscale
Consider putting your OpenClaw machine on a private network using Tailscale or WireGuard. This keeps it off the public internet while keeping it accessible to you.
No Port Forwarding
Avoid exposing OpenClaw directly to the internet. Use reverse proxies with authentication if external access is required.
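To check the outcome of the firewall, VPN and port-forwarding advice above, the following added example (not part of OpenClaw or of the original page) classifies the addresses on which the gateway port is listening, reading ss -tln output. It assumes the gateway port 18789 from the ufw rule above; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify who can reach the OpenClaw gateway port by parsing
# `ss -tln` output. Port 18789 is the gateway port from the ufw rule above.

# Reads `ss -tln` output on stdin (column 4 = Local Address:Port) and prints
# "<class> <address>" for each listener on port $1.
classify_listeners() {
    awk -v port="$1" '
    $1 == "LISTEN" {
        n = split($4, parts, ":")
        if (parts[n] != port) next
        addr = substr($4, 1, length($4) - length(parts[n]) - 1)
        gsub(/^\[|\]$/, "", addr)      # [::1] -> ::1
        sub(/%.*$/, "", addr)          # drop interface scope, e.g. %eth0
        if (addr ~ /^127\./ || addr == "::1")
            class = "loopback"
        else if (addr ~ /^100\.(6[4-9]|[7-9][0-9]|1[01][0-9]|12[0-7])\./)
            class = "overlay"          # 100.64.0.0/10, the range Tailscale assigns from
        else if (addr ~ /^10\./ || addr ~ /^192\.168\./ || addr ~ /^172\.(1[6-9]|2[0-9]|3[01])\./)
            class = "private"
        else
            class = "public"           # wildcard (0.0.0.0, *, ::) or any other address
        print class, addr
    }'
}

# Exit status 0 when any listener on port $1 is bound beyond private ranges.
gateway_is_public() {
    classify_listeners "$1" | grep -q '^public '
}

# Constructed sample of `ss -tln` output, not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511        127.0.0.1:18789      0.0.0.0:*
LISTEN 0      511      100.101.5.9:18789      0.0.0.0:*
LISTEN 0      511             [::]:18789         [::]:*
EOF
}

# Live use on the OpenClaw host: ss -tln | classify_listeners 18789
```

A public result means the bind address itself does not restrict access, so the firewall is the only control in front of that port.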
Built-In Safety Features
OpenClaw includes several security-conscious features:
By default, file deletions go to trash, not permanent removal.
Restrict who can message your agent on each platform.
All agent activity is logged to readable files you can audit.
Agents are instructed to ask before taking destructive or external actions.
Security Updates in 2026.6.x
The current OpenClaw line focuses on practical operator safety: scoped credentials, safer browser surfaces, approval metadata, plugin manifest boundaries, and update paths that avoid mixed-version installs.
Owner and Approval Boundaries
Owner-enforced commands, structured approval metadata, and stricter channel route matching reduce the chance that privileged actions execute from the wrong identity or room.
2026.6.x
Safer File and Media Boundaries
Path validation, media staging, attachment handling, and sandbox-aware file access keep tool inputs explicit instead of silently trusting arbitrary paths or dropped files.
2026.6.x
Exec and Tool Policy Hardening
Exec approvals, tool allow/deny lists, protected gateway config paths, and fail-closed empty allowlists make powerful tools easier to govern and audit.
2026.6.x
SecretRef and Token Hygiene
Onboarding and update flows increasingly prefer SecretRef-backed credentials, avoid leaking service tokens into world-readable supervisor metadata, and redact diagnostics by default.
2026.6.x
Browser and SSRF Guardrails
Browser snapshot/screenshot routes, managed profiles, permission handling, and proxy boundaries are being tightened so automation stays inside the intended browser lane.
2026.6.x
Update and Plugin Safety
Staged package updates, plugin manifest contracts, startup activation metadata, and dependency staging reduce mixed-version installs and surprise plugin imports.
2026.6.x
Stay Protected: Run openclaw update status and openclaw update regularly to get the latest security fixes.
Tool Policy Configuration
OpenClaw lets you control which tools your agent can use and how they behave.
# Check the active config file and validate changes
openclaw config file
openclaw config validate
# Use exec policy controls/approvals for host commands
openclaw exec-policy show
Ready to Set Up Securely?
Follow our setup guide with security best practices in mind.