How to Secure Your OpenClaw Installation: A Complete Guide

Best practices and step-by-step instructions for securing your self-hosted OpenClaw deployment against known vulnerabilities and common threats.

Why Security Matters

Running a self-hosted AI assistant means you're responsible for its security. OpenClaw has experienced several security incidents, and a compromised installation could:

  • Expose your API keys and credentials
  • Leak conversation history
  • Allow remote code execution
  • Be used to send spam or malicious messages
  • Incur unexpected API costs

Critical: Update to v2026.1.29 or Later

CVE-2026-25253 (CVSS 8.8) was a high-severity vulnerability allowing one-click remote code execution via malicious links. This was patched in version 2026.1.29.

Check your version:

openclaw --version

Update immediately if you're on an older version.

1. Gateway Authentication (Mandatory)

As of v2026.1.29, gateway auth is no longer optional. The "none" mode has been removed.

You must configure one of:

  • Token authentication
  • Password authentication
  • Tailscale Serve identity

// config.json
{
  "gateway": {
    "auth": "token",
    "token": "${OPENCLAW_GATEWAY_TOKEN}"
  }
}

2. API Key Management

Never hardcode API keys in configuration files.

# Bad - Keys in config file
ANTHROPIC_API_KEY=sk-ant-xxxxx

# Good - Use environment variables
ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}

Best practices:

  • Use environment variables for sensitive values
  • Consider a secrets manager (HashiCorp Vault, AWS Secrets Manager)
  • Rotate keys regularly
  • Use separate keys for development and production

3. Skill Marketplace Security

The ClawHub skill marketplace has been targeted by malicious actors. 341 malicious skills were discovered distributing malware.

Protection measures:

  • Only install skills from the official ClawHub
  • Verify skill publishers before installation
  • Avoid skills with suspicious "Prerequisites" sections
  • Never download password-protected ZIP files from skill instructions
  • Watch for typosquatting (e.g., clawhubb, clawhub-cli)

4. Network Security

Restrict network access to your OpenClaw instance.

  • Run behind a reverse proxy (nginx, Caddy)
  • Enable HTTPS with valid certificates
  • Use a VPN for remote access
  • Disable unnecessary ports
  • Enable Doctor warnings for exposed gateways

5. Moltbook Integration Risks

If connecting to Moltbook, be aware of additional risks:

  • Prompt injection attacks from other agents
  • Potential credential exposure (1.5M API keys were leaked)
  • Limited verification of agent authenticity

Recommendations:

  • Use a separate API key for Moltbook interactions
  • Implement content filtering for agent interactions
  • Monitor for unusual agent behavior

6. Logging and Monitoring

Maintain audit trails for security investigations.

Essential logs:

  • Authentication attempts
  • API calls and responses
  • Configuration changes
  • Error events

{
  "logging": {
    "level": "info",
    "auditTrail": true,
    "sensitiveDataMasking": true
  }
}

Security Checklist

  • [ ] Running v2026.1.29 or later
  • [ ] Gateway authentication configured (not "none")
  • [ ] API keys stored securely (not in code)
  • [ ] HTTPS enabled with valid certificate
  • [ ] Skills audited against official ClawHub
  • [ ] Network access restricted
  • [ ] Logging configured
  • [ ] Monitoring alerts set up
  • [ ] Moltbook integration risks understood
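
Several checklist items (version, gateway auth, token storage, logging) can be checked mechanically. The script below is an added example, not OpenClaw's own tooling: it assumes the config.json layout shown in sections 1 and 6, that the output of `openclaw --version` contains a dotted version such as 2026.1.29, and the function names `parse_version` and `audit` are hypothetical.

```python
import json
import re

MIN_VERSION = (2026, 1, 29)  # release that patched CVE-2026-25253, per this guide
ENV_REF = re.compile(r"^\$\{([A-Za-z_][A-Za-z0-9_]*)\}$")

def parse_version(text):
    """Extract a (major, minor, patch) tuple from a string such as 'v2026.1.29'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(p) for p in m.groups())

def audit(config_text, version_text, environ):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if parse_version(version_text) < MIN_VERSION:
        findings.append("version older than 2026.1.29")
    # Drop whole-line // comments such as the '// config.json' label on the page.
    body = "\n".join(l for l in config_text.splitlines()
                     if not l.lstrip().startswith("//"))
    cfg = json.loads(body)
    gateway = cfg.get("gateway", {})
    auth = gateway.get("auth")
    if auth in (None, "", "none"):
        findings.append("gateway auth missing or set to 'none'")
    if auth == "token":
        ref = ENV_REF.match(str(gateway.get("token", "")))
        if not ref:
            findings.append("gateway token is a literal, not a ${VAR} reference")
        elif not environ.get(ref.group(1)):
            findings.append(f"environment variable {ref.group(1)} is unset or empty")
    logging_cfg = cfg.get("logging", {})
    for key in ("auditTrail", "sensitiveDataMasking"):
        if logging_cfg.get(key) is not True:
            findings.append(f"logging.{key} is not enabled")
    return findings

# Constructed sample inputs (not taken from a real installation).
GOOD = '''// config.json
{"gateway": {"auth": "token", "token": "${OPENCLAW_GATEWAY_TOKEN}"},
 "logging": {"level": "info", "auditTrail": true, "sensitiveDataMasking": true}}'''
BAD = '''{"gateway": {"auth": "token", "token": "example-literal-token"},
 "logging": {"level": "info", "auditTrail": false}}'''

if __name__ == "__main__":
    print(audit(GOOD, "2026.1.29", {"OPENCLAW_GATEWAY_TOKEN": "set"}))
    print(audit(BAD, "2026.1.20", {}))
```

Pass `os.environ` as the third argument to check the environment the gateway will actually start in.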
