Isolation · Least privilege · Approvals · Monitoring
Security
OpenClaw is credentialed automation. We ship first wins safely by default and increase autonomy step-by-step once you have confidence and telemetry.
Isolation
Dedicated runtime
- Run on a dedicated VM/container/host
- Separate environments for pilot vs production
- Restrict network access where possible
Credentials
Least privilege
- Service accounts, not personal accounts
- Minimal scopes (read-only first)
- Rotation guidance and access reviews
Approvals
Draft-first by default
- Approvals for external sends
- Approvals for CRM writes
- Allowlists for tools and domains
Auditability
Logging and monitoring
- Tool-call logging and output retention policy
- Alerts for unusual actions or failures
- Monthly review cadence (retainer)
Skill hygiene
Review before install
- Review and allowlist skills and sources
- Versioning and rollback
- Separation of duties for sensitive actions
We do not blindly install third-party skills without review.
Baseline checklist
Our production-ready minimum
- Dedicated runtime (VM/container/host)
- Service accounts and least privilege scopes
- Human approval on external sends and writes
- Allowlists for tools/domains
- Logging + alerts + review cadence
- Rollback procedures for skills and workflows