OpenClaw Security & Permissions Guide
If OpenClaw can act, you must control what it's allowed to do.
Core Security Principles
- Least privilege is mandatory
- Automation should be scoped, not unrestricted
- Access must be revocable
- Every action should be traceable
Recommended Permission Levels
⚠️ Start at Level 0. Move up only when necessary.
Level 0: Read Only
- Read-only file access
- Read-only APIs
- No system commands
Level 1: Scoped Actions
- Limited directories
- Whitelisted commands
- Restricted network access
Level 2: Full Actions (Use Carefully)
- Only in isolated or controlled environments
- Never on shared systems
- Always audited
Managing Tokens, SSH Keys, and Secrets
- Never hardcode secrets
- Never commit secrets to repositories
- Use environment variables or secret managers
- Rotate keys regularly
- Revoke unused credentials
Network & Deployment Boundaries
- Restrict outbound traffic whenever possible
- Do not expose OpenClaw directly to the public internet
- Limit open ports
- Use firewall and security group rules
Audit Logs & Accountability
Who triggered an action? What was executed? What was the result?
Guidance
- Log all executions
- Retain logs for investigation
- Treat logs as security assets
Example Security Policy (Minimal)
OpenClaw runs with scoped permissions, limited network access, audited execution logs, and revocable credentials.
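The following added example, which is not OpenClaw code or its configuration format, shows one way to enforce the three permission levels above and write an audit record answering who, what, and result for every decision. The policy keys, paths, and function names are hypothetical, and scoping reads to the allowed directories at Levels 0 and 1 is an assumption of this example.

```python
import json
import os
import shlex
import time

# Hypothetical policy values for illustration; not OpenClaw's configuration format.
POLICY = {
    "level": 1,  # 0 = read only, 1 = scoped actions, 2 = full actions
    "allowed_dirs": ["/srv/agent/workspace"],
    "allowed_commands": {"ls", "cat", "git"},
}
AUDIT_LOG = []  # stand-in for append-only storage the agent itself cannot modify


def inside_allowed_dir(path, roots):
    """True if path resolves under an allowed root; realpath defeats ../ and symlink escapes."""
    real = os.path.realpath(path)
    return any(
        os.path.commonpath([real, os.path.realpath(r)]) == os.path.realpath(r)
        for r in roots
    )


def command_allowed(command, allowed):
    """Check only the program name; the argv must later be run without a shell."""
    try:
        argv = shlex.split(command)
    except ValueError:  # unbalanced quotes: refuse rather than guess
        return False
    return bool(argv) and argv[0] in allowed


def authorize(actor, action, target, policy=POLICY):
    """Decide one request and log who asked, what was requested, and the result."""
    level = policy["level"]
    in_scope = level >= 2 or (
        command_allowed(target, policy["allowed_commands"]) if action == "exec"
        else inside_allowed_dir(target, policy["allowed_dirs"])
    )
    needed = {"read": 0, "write": 1, "exec": 1}.get(action)  # unknown actions are denied
    ok = needed is not None and level >= needed and in_scope
    AUDIT_LOG.append(json.dumps({
        "ts": time.time(), "actor": actor, "action": action, "target": target,
        "level": level, "result": "allowed" if ok else "denied",
    }))
    return ok
```

Denied requests are logged as well as allowed ones, so the audit trail also shows attempts to step outside the assigned level.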