Top OpenClaw risks: public exposure · CVE-2026-25253 / CVE-2026-32922 · malicious skills / ClawHavoc
Free security checklist

OpenClaw security checklist for manual configuration

The Free Security Checklist contains configuration settings that agent owners need to update manually on their OpenClaw instance to reduce security gaps. It gives you a step-by-step process to inspect public exposure, access control, runtime boundaries, and skill-related security risks.

Scope: Manual efforts

What the free security checklist covers

This is not generic security advice. It is focused guidance on the security configuration of OpenClaw that helps reduce security risks in self-hosted OpenClaw instances.

  1. Internet-facing binding and entry points
  2. Authentication, secret strength, and default credentials
  3. Installed version and known CVE exposure
  4. WebSocket and control-surface exposure
  5. Configuration and secret file permissions
  6. Reverse proxy, VPN, and port boundaries
  7. Skill installation and approval policy
  8. Protection of SOUL.md and MEMORY.md
  9. Runtime identity, privilege separation, and container boundary
  10. Logging, auditability, and basic incident trail

Best use case

When the free checklist is enough — and when it stops being enough

Enough for now

  • You are OK with slow and manual security configuration
  • You have lots of free time
  • You are fine with troubleshooting
  • You are comfortable updating the security configuration yourself
  • You do not need a formal evidence pack yet
  • You need clarity more than automation

Time to move up

  • You want repeatable reviews instead of the same manual walk-through every time
  • You need a cleaner operating workflow for the actual configuration work
  • You expect questions from a manager, customer, or partner about what changed
  • You want documentation that does not start as an ad hoc note file

Upgrade path

What's better compared to the free checklist

The Free Security Checklist helps you understand the security configuration of your OpenClaw agent.
The paid m78armor security script takes the next step: scripted hardening for the agent owner, plus optional evidence documents for agent owners who need a clearer record.

Security Checklist
Free
Manual configuration
  • Direct download
  • No email gate
  • Best for first-pass triage

Premium Toolkit
CNY188 / USD49
Scripted hardening plus evidence pack
  • For reviews, handoffs, and structured internal records
  • Adds working files and evidence documents
  • Uses the same manual order route

Request Evidence package
Paid fulfilment: Order the package, receive payment instructions, complete the payment, package delivered by email.

FAQ

Frequently Asked Questions

Do I need to submit an email address?

No. The free checklist download is direct.

Why offer the checklist free?

Because the manual review still has real value. The Free Security Checklist helps agent owners define the issue before they pay for speed or documentation.

Is the checklist enough on its own?

It is enough for an initial review. It is not a substitute for disciplined hardening, testing, or documentation when the deployment actually needs to be fixed and defended.

How current is the checklist?

The checklist tracks the current operating risks discussed on the site. Validate live version details against your own deployment before you change anything.

Start with the free checklist, then move up when needed

If manual security configuration becomes the bottleneck, use the order request page for the paid packages.

Write to us: support@m78armor.com