Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down gateway, fix permissions, auth, firewalls. Essential for vibe-coding setups.
Real data. Real impact.
Emerging
Developers
Per week
Open source
Skills give you superpowers. Install in 30 seconds.
Your Moltbot gateway was designed for local use. When exposed to the internet without proper security, attackers can access your API keys, private messages, and full system access.
Based on: Real vulnerability research that found 1,673+ exposed OpenClaw/Moltbot gateways on Shodan.
When your gateway is publicly accessible:
Prompt injection attack example: An attacker sends you an email with hidden instructions. Your AI reads it, extracts your recent emails, and forwards summaries to the attacker. No hacking required.
Run this to check your current security posture:
openclaw security audit --deep
Auto-fix issues:
openclaw security audit --deep --fix
What this does: Prevents the gateway from accepting connections from other machines.
Check your
~/.openclaw/openclaw.json{ "gateway": { "bind": "loopback" } }
Options:
loopbacklanautoOption A: Token Authentication (Recommended)
Generate a secure token:
openssl rand -hex 32
Add to your config:
{ "gateway": { "auth": { "mode": "token", "token": "your-64-char-hex-token-here" } } }
Or set via environment:
export CLAWDBOT_GATEWAY_TOKEN="your-secure-random-token-here"
Option B: Password Authentication
{ "gateway": { "auth": { "mode": "password" } } }
Then:
export CLAWDBOT_GATEWAY_PASSWORD="your-secure-password-here"
What this does: Ensures only you can read sensitive config files.
chmod 700 ~/.openclaw chmod 600 ~/.openclaw/openclaw.json chmod 700 ~/.openclaw/credentials
Permission meanings:
700600Or let OpenClaw fix it:
openclaw security audit --fix
What this does: Stops OpenClaw from announcing itself via mDNS/Bonjour.
Add to your shell config (
~/.zshrc~/.bashrcexport CLAWDBOT_DISABLE_BONJOUR=1
Reload:
source ~/.zshrc
Older Node.js versions have security vulnerabilities. You need v22.12.0+.
Check version:
node --version
Mac (Homebrew):
brew update && brew upgrade node
Ubuntu/Debian:
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash - sudo apt-get install -y nodejs
Windows: Download from nodejs.org
What this does: Creates encrypted tunnel between your devices. Access OpenClaw from anywhere without public exposure.
Install Tailscale:
# Linux curl -fsSL https://tailscale.com/install.sh | sh sudo tailscale upMac
brew install tailscale
Configure OpenClaw for Tailscale:
{ "gateway": { "bind": "loopback", "tailscale": { "mode": "serve" } } }
Now access via your Tailscale network only.
For cloud servers (AWS, DigitalOcean, Hetzner, etc.)
Install UFW:
sudo apt update && sudo apt install ufw -y
Set defaults:
sudo ufw default deny incoming sudo ufw default allow outgoing
Allow SSH (don't skip!):
sudo ufw allow ssh
Allow Tailscale (if using):
sudo ufw allow in on tailscale0
Enable:
sudo ufw enable
Verify:
sudo ufw status verbose
⚠️ Never do this:
# DON'T - exposes your gateway publicly sudo ufw allow 18789
Disable password auth (use SSH keys):
sudo nano /etc/ssh/sshd_config
Change:
PasswordAuthentication no PermitRootLogin no
Restart:
sudo systemctl restart sshd
Before deploying:
loopbacklan{ "gateway": { "port": 18789, "bind": "loopback", "auth": { "mode": "token", "token": "YOUR_64_CHAR_HEX_TOKEN" }, "tailscale": { "mode": "serve" } } }
Based on security research by @NickSpisak_ who found 1,673+ exposed gateways on Shodan.
Original article: https://x.com/nickspisak_/status/2016195582180700592
clawdhub install NextFrontierBuilds/moltbot, openclaw-security
Built by @NextXFrontier
No automatic installation available. Please visit the source repository for installation instructions.
View Installation Instructions
1,500+ AI skills, agents & workflows. Install in 30 seconds. Part of the Torly.ai family.
© 2026 Torly.ai. All rights reserved.