moltbot-security
Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down the gateway, fix permissions, auth, and firewalls. Essential for vibe-coding setups.
Install via ClawdBot CLI:
clawdbot install NextFrontierBuilds/moltbot-security
Your Moltbot gateway was designed for local use. Exposed to the internet without proper security, it hands an attacker your API keys, your private messages, and full access to the machine it runs on.
Based on: Real vulnerability research that found 1,673+ exposed OpenClaw/Moltbot gateways on Shodan.
When your gateway is publicly accessible, every capability you gave the agent is available to whoever reaches it, and the attacker does not even need to log in to abuse it.
Prompt injection attack example: An attacker sends you an email containing hidden instructions. Your AI reads the email as part of its normal work, follows those instructions, extracts your recent emails, and forwards summaries to the attacker. No hacking required: the agent's own permissions do the work.
Run this to check your current security posture:
openclaw security audit --deep
Auto-fix issues:
openclaw security audit --deep --fix
What this does: Prevents the gateway from accepting connections from other machines.
Check your ~/.openclaw/openclaw.json:
{
"gateway": {
"bind": "loopback"
}
}
Options:
loopback: Only accessible from localhost (most secure)
lan: Accessible from the local network only
auto: Binds to all interfaces (dangerous if the machine is reachable from the internet)
What this does: Requires every client to present a shared secret before the gateway accepts commands, so a reachable gateway is still not an open one.
Option A: Token Authentication (Recommended)
Generate a secure token:
openssl rand -hex 32
Add to your config:
{
"gateway": {
"auth": {
"mode": "token",
"token": "your-64-char-hex-token-here"
}
}
}
Or set it via the environment, which keeps the token out of the config file:
export CLAWDBOT_GATEWAY_TOKEN="your-secure-random-token-here"
Option B: Password Authentication
{
"gateway": {
"auth": {
"mode": "password"
}
}
}
Then:
export CLAWDBOT_GATEWAY_PASSWORD="your-secure-password-here"
What this does: Ensures only you can read sensitive config files. The gateway token and credentials are stored in these files in plain text, so their permissions are what keeps other local users and processes from reading them.
chmod 700 ~/.openclaw
chmod 600 ~/.openclaw/openclaw.json
chmod 700 ~/.openclaw/credentials
Permission meanings:
700 = Only the owner can enter and list the folder
600 = Only the owner can read and write the file
Or let OpenClaw fix it:
openclaw security audit --fix
What this does: Stops OpenClaw from announcing itself via mDNS/Bonjour.
Add to your shell config (~/.zshrc or ~/.bashrc):
export CLAWDBOT_DISABLE_BONJOUR=1
Reload (use ~/.bashrc instead if that is your shell config):
source ~/.zshrc
Older Node.js releases carry unpatched security vulnerabilities. OpenClaw needs v22.12.0 or newer.
Check version:
node --version
Mac (Homebrew):
brew update && brew upgrade node
Ubuntu/Debian (note that this pipes the NodeSource setup script straight into a root shell; download and read it first if you would rather not trust it blind):
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt-get install -y nodejs
Windows: Download from nodejs.org
What this does: Creates an encrypted, WireGuard-based tunnel between your devices, so you can reach OpenClaw from anywhere without exposing it to the public internet.
Install Tailscale:
# Linux
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up
# Mac
brew install tailscale
Configure OpenClaw for Tailscale:
{
"gateway": {
"bind": "loopback",
"tailscale": {
"mode": "serve"
}
}
}
Keep bind on loopback: the gateway itself still listens only locally, and Tailscale Serve forwards connections from your tailnet to it, so it is reachable from your Tailscale devices and from nothing else.
For cloud servers (AWS, DigitalOcean, Hetzner, etc.)
Install UFW:
sudo apt update && sudo apt install ufw -y
Set defaults:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Allow SSH first (don't skip this, or enabling the firewall locks you out of the server):
sudo ufw allow ssh
Allow Tailscale (if using):
sudo ufw allow in on tailscale0
Enable:
sudo ufw enable
Verify:
sudo ufw status verbose
⚠️ Never do this:
# DON'T - opens the gateway port (18789) to the whole internet
sudo ufw allow 18789
Disable password auth (use SSH keys):
sudo nano /etc/ssh/sshd_config
Change:
PasswordAuthentication no
PermitRootLogin no
Before restarting, confirm that key-based login already works from a second terminal and keep that session open in case something goes wrong. On distributions that include /etc/ssh/sshd_config.d/*.conf, a drop-in file there can override these two lines, so check the effective settings (sudo sshd -T prints the merged configuration) rather than trusting the main file alone.
Restart:
sudo systemctl restart sshd
Before deploying, confirm that bind is set to loopback or lan, that authentication is configured, and that your config matches this shape:
{
"gateway": {
"port": 18789,
"bind": "loopback",
"auth": {
"mode": "token",
"token": "YOUR_64_CHAR_HEX_TOKEN"
},
"tailscale": {
"mode": "serve"
}
}
}
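The checks on this checklist can be scripted. The following Python script is an added example, not OpenClaw's own `openclaw security audit`: it reads an openclaw.json, flags a world-facing bind, a missing or placeholder token, loose permissions on the ~/.openclaw files, and, from the output of `sudo sshd -T`, a server that still accepts passwords or root logins. The field names follow the config shown on this page; the thresholds, the two sample configs and the sample sshd output are assumptions constructed for the example.

```python
"""Pre-deployment checker for the settings on this page.

Added example; it is NOT OpenClaw's `openclaw security audit`. Field names
(gateway.bind, gateway.auth.mode, gateway.auth.token) follow the config shown
on this page. The thresholds, the sample configs and the sample `sshd -T`
output below are assumptions constructed for the example.
"""
import json
import os
import secrets
import stat
import tempfile

SAFE_BINDS = {"loopback", "lan"}   # "auto" listens on every interface
TOKEN_HEX_LEN = 64                 # what `openssl rand -hex 32` produces
HEX_DIGITS = set("0123456789abcdef")


def audit_config(cfg: dict) -> list[str]:
    """Flag a world-facing bind, a missing auth mode, or a weak/placeholder token."""
    findings = []
    gw = cfg.get("gateway", {})
    bind = gw.get("bind", "auto")
    if bind not in SAFE_BINDS:
        findings.append(f"gateway.bind={bind!r}: listens on all interfaces")
    auth = gw.get("auth", {})
    mode = auth.get("mode")
    if mode == "token":
        # The token may live in the file or in CLAWDBOT_GATEWAY_TOKEN.
        token = auth.get("token") or os.environ.get("CLAWDBOT_GATEWAY_TOKEN", "")
        if len(token) < TOKEN_HEX_LEN or not set(token.lower()) <= HEX_DIGITS:
            findings.append("gateway.auth.token: missing, a placeholder, or "
                            "shorter than `openssl rand -hex 32`")
    elif mode == "password":
        if not os.environ.get("CLAWDBOT_GATEWAY_PASSWORD"):
            findings.append("gateway.auth.mode=password but "
                            "CLAWDBOT_GATEWAY_PASSWORD is not set")
    else:
        findings.append(f"gateway.auth.mode={mode!r}: no authentication")
    return findings


def audit_permissions(openclaw_dir: str) -> list[str]:
    """Flag any group/other permission bit on the directory, config and credentials."""
    findings = []
    for rel, want in (("", 0o700), ("openclaw.json", 0o600), ("credentials", 0o700)):
        path = os.path.join(openclaw_dir, rel)
        if not os.path.exists(path):
            continue
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & 0o077:
            findings.append(f"{path}: mode {mode:o}, expected {want:o}")
    return findings


def audit_sshd(sshd_t_output: str) -> list[str]:
    """Check the effective sshd settings from `sudo sshd -T` output.

    `sshd -T` prints the merged configuration, so it also reflects drop-in
    files under /etc/ssh/sshd_config.d/ that can override sshd_config.
    """
    wanted = {"passwordauthentication": "no", "permitrootlogin": "no"}
    seen = {}
    for line in sshd_t_output.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2:
            seen[parts[0].lower()] = parts[1].strip().lower()
    return [f"sshd {key}={seen.get(key, '<unset>')}, expected {value}"
            for key, value in wanted.items() if seen.get(key) != value]


# Constructed samples: the weak one mirrors a default-ish install, the
# hardened one mirrors the checklist config on this page.
WEAK_CFG = {"gateway": {"bind": "auto",
                        "auth": {"mode": "token", "token": "YOUR_64_CHAR_HEX_TOKEN"}}}
HARDENED_CFG = {"gateway": {"port": 18789, "bind": "loopback",
                            "auth": {"mode": "token", "token": secrets.token_hex(32)},
                            "tailscale": {"mode": "serve"}}}
SSHD_WEAK = "passwordauthentication yes\npermitrootlogin prohibit-password\n"
SSHD_HARDENED = "passwordauthentication no\npermitrootlogin no\n"


def run_audit(cfg: dict, dir_mode: int, file_mode: int, sshd_t_output: str) -> list[str]:
    """Write cfg into a throwaway ~/.openclaw look-alike and run all three checks."""
    openclaw_dir = tempfile.mkdtemp()
    os.chmod(openclaw_dir, dir_mode)
    cfg_path = os.path.join(openclaw_dir, "openclaw.json")
    with open(cfg_path, "w") as f:
        json.dump(cfg, f)
    os.chmod(cfg_path, file_mode)
    return audit_config(cfg) + audit_permissions(openclaw_dir) + audit_sshd(sshd_t_output)


if __name__ == "__main__":
    for label, cfg, d, m, ssh in (("weak", WEAK_CFG, 0o755, 0o644, SSHD_WEAK),
                                  ("hardened", HARDENED_CFG, 0o700, 0o600, SSHD_HARDENED)):
        problems = run_audit(cfg, d, m, ssh)
        print(f"{label}: {len(problems)} finding(s)")
        for p in problems:
            print("  -", p)
```

On a real host, replace the constructed samples with `json.load` of ~/.openclaw/openclaw.json, point `audit_permissions` at that directory, and feed `audit_sshd` the captured output of `sudo sshd -T`. The weak sample produces six findings (open bind, placeholder token, directory and file modes, password logins, root login); the hardened sample produces none.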
Based on security research by @NickSpisak_ who found 1,673+ exposed gateways on Shodan.
Original article: https://x.com/nickspisak_/status/2016195582180700592
clawdhub install NextFrontierBuilds/moltbot, openclaw-security
Built by @NextXFrontier
Generated Mar 1, 2026
A software development team uses Moltbot and OpenClaw for AI-assisted coding across multiple projects. They need to secure their gateway to prevent unauthorized access to API keys and sensitive code repositories, especially when team members work remotely. Implementing token authentication and Tailscale ensures secure collaboration without exposing the gateway to the internet.
A freelance developer uses Claude and Cursor for client projects, storing API keys and conversation histories locally. They must lock down their gateway to protect client data from potential breaches, as exposed gateways could lead to data theft. Following the security checklist, including binding to loopback and setting file permissions, mitigates risks during remote work sessions.
A tech startup integrates AI agents like Moltbot into their internal tools for automation and customer support. They need to secure their gateway to safeguard proprietary algorithms and user data from external attacks. Deploying firewall rules and disabling network broadcasting prevents unauthorized access while maintaining productivity in a vibe-coding environment.
A university lab uses OpenClaw for research on AI coding assistants with students accessing the gateway from various devices. They must implement authentication and update Node.js to prevent vulnerabilities that could compromise research data. Using Tailscale for remote access allows secure student collaboration without public exposure.
A large corporation deploys Moltbot in their DevOps pipeline for automated code reviews and deployments. They require hardening to meet compliance standards and protect against prompt injection attacks that could leak sensitive information. Configuring SSH hardening and audit tools ensures robust security for critical infrastructure.
Offer automated security audits and fixes for AI agent gateways, leveraging the openclaw security audit tool. This model targets developers and teams needing compliance checks, with revenue from subscription-based scans and one-time audit fees. It scales by integrating with CI/CD pipelines for continuous monitoring.
Provide consulting services to set up and configure Tailscale for secure remote access to AI gateways, focusing on businesses with distributed teams. Revenue comes from hourly rates or project-based fees for implementation and training. This model benefits from partnerships with Tailscale and ongoing support contracts.
Sell pre-configured security packages including scripts, templates, and support for hardening Moltbot and similar AI agents. Target individual developers and small teams looking for quick deployment, with revenue from one-time sales or tiered licensing. Upsell opportunities include custom configurations and priority updates.
💬 Integration Tip
Start by running the security audit tool to identify issues, then prioritize binding to loopback and setting authentication tokens for immediate protection.
Related skills on ClawdHub:
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.