Guide

OpenClaw Security Hardening Guide

Your AI agent has access to email, files, shell commands, and APIs. Here's how to lock it down for production use.

Exec Approval Configuration

By default, OpenClaw agents can execute shell commands. In production, you should require explicit approval for sensitive operations:

  • Full approval mode: Every exec command requires human approval before running
  • Allowlist mode: Define a set of safe commands that run automatically; everything else requires approval
  • Deny mode: Completely disable shell execution for the agent
# Set exec approval to allowlist mode
openclaw config set exec.security allowlist

# Define allowed commands
openclaw config set exec.allowlist "git,npm,node,cat,ls,grep"

For most business deployments, allowlist mode strikes the right balance between utility and safety.

Credential Management

Never store API keys or tokens in plain text files. OpenClaw provides encrypted credential storage:

  • Use openclaw config set for all sensitive values — they're encrypted at rest
  • Rotate API keys on a regular schedule (monthly recommended)
  • Use separate API keys for each agent in multi-agent setups
  • Never put credentials in SOUL.md, AGENTS.md, or other workspace files
  • Use environment variables for CI/CD integrations

RLS & Data Isolation

When multiple agents share a system, data isolation is critical:

  • Separate workspaces: Each agent gets its own workspace directory with independent SOUL.md and memory
  • File permissions: Use OS-level file permissions to prevent cross-agent access
  • Database RLS: If agents access shared databases, implement Row-Level Security so each agent only sees its own data
  • Channel isolation: Bind each agent to specific channels — don't let the support agent access the CEO's email

Network Security

The OpenClaw gateway exposes a local API. Protect it:

  • Bind the gateway to 127.0.0.1 only (default) — never expose to the internet directly
  • Use a reverse proxy (Caddy, nginx) with TLS if remote access is needed
  • Set up firewall rules to restrict inbound connections
  • Use a VPN for remote administration
  • Disable unused channel integrations to reduce attack surface

Monitoring & Alerting

You should know what your agents are doing at all times:

  • Audit logs: OpenClaw logs all agent actions. Review them regularly.
  • Cost monitoring: Track API spend per agent to catch runaway usage early
  • Uptime monitoring: Use a health check endpoint to verify the gateway is running
  • Error alerting: Set up notifications for agent errors, failed tasks, and connectivity issues
  • Activity dashboards: Track messages processed, tasks completed, and response times

Security Checklist

Exec approval configured (allowlist or full approval)
All credentials stored via openclaw config (encrypted)
API keys rotated within last 30 days
Agent workspaces isolated with proper file permissions
Gateway bound to localhost only
Firewall configured to block unnecessary inbound traffic
Audit logging enabled and reviewed weekly
Cost alerts set for API providers
Unused channel integrations disabled
Regular backups of agent workspace and configuration

Soxoa includes security hardening in every implementation

Don't leave security as an afterthought. Every Soxoa deployment includes full security hardening, audit configuration, and a security review during the 14-day hypercare period.

Book a free 15-min call →