What is the difference between the two paid options?

The Starter Hardening Toolkit helps agent owners assess and tighten a deployment. The Hardening + Evidence Pack adds structured documents for agent owners who need a defensible record of what was reviewed and changed.

Will this break OpenClaw?

Any hardening change can affect runtime behaviour. Back up first, review first, then tighten controls deliberately.

Easy & simple OpenClaw security

Secure your personal agent

M78Armor script simplifies and automates the most common OpenClaw security settings on your personal OpenClaw instance. Be safe and secure.

Get the Free Security Checklist m78setup - free OpenClaw handsfree installer Upgrade your Agent security

local audit preview

$ node m78armor.js --mode audit

WARN gateway still bound to 0.0.0.0 on public interface

FAIL authentication enabled, but secret strength remains weak

WARN reverse proxy boundary incomplete; control plane still wider than expected

INFO evidence package prepared: baseline-sheet.md / deployment-inventory.md

NEXT tighten exposure, rotate secrets, verify skill approval path

Inspect Review current security settings.

Harden Close any security gaps quick-n-easy.

DocumentKeep the records before its too late.

Threat model

Why this is now an operational issue

Most OpenClaw security incidents happen due to basic configuration issues: exposed bindings, weak secrets, permissive runtime access, and unreviewed skill installation.
The first priority to remove these security gaps to enhance security of your agent.

Exposure moves fast

Once the agent's gateway is reachable from the public internet, even a personal agent is exposed to the same risk as larger targets.

Patching is only one control

Configuration hygiene matters too. Authentication, runtime boundaries, permissions also need to be secured.

Skills can be a double edge sword

Every third-party skill extends trust. Source control, approval rules, and protection of long-lived files need to be secured

What you receive

A security toolkit that secures your agent

Each package combines automated scripted security configuration, help and guidance, and an evidence documentation package for agent's risk management.

Script

Security configuration script

Scripted configration for the security gaps in default agents deployments.

Guide

Quick Start and Installation Sheet

Quick setup guidance and commands that helps you run the m78armor script.

Sheet

FAQ

Usage notes and most common questions answered in simple language.

Inventory

Working files

Only in the premium package: structured files for baseline review, deployment inventory, and operator tracking.

Evidence

Evidence documents

Only in the premium package: documentation when you need a cleaner audit trail and handoff record.

Workflow

How m78armor adds value on a recurring basis

m78armor allows you to: inspect what is exposed, tighten what matters, and retain enough evidence to explain the remediation path over the entire life cycle of your agent.

Inspect

Do a gaps audit anytime. Get your updated on the security exposure, runtime, boundary, and skill-control issues quickly.

Harden

Turn the security gaps into a quick remediation list instead of reverse-engineering guidance from scattered posts.

Document

When you want to know what changed, the evidence layer gives the answers in a structured manner.

Control coverage

Top security checks that tend to matter most

Following are the configuration gaps that often cause security breachers in self-hosted OpenClaw environments.

Gateway exposureWhether the gateway is still bound to 0.0.0.0 on a public-facing interface.

AuthenticationIs the authentication weak or is it actually enforced.

CVE statusWhether the agent version has a known vulnerability exposure.

Control plane scopeWhether the control surface is broader than the deployment really needs.

Secret readabilityWhether configuration files and secrets are exposed to the wrong runtime identity.

Proxy boundariesWhether ports, reverse proxy rules, and VPN configurations are weak.

Skill approvalWhether new or unknown "skills" installation is controlled or effectively open.

Long-lived filesWhether SOUL.md and MEMORY.md are treated as protected assets.

Runtime identityWhether least privilege and runtime separation are handled correctly.

LoggingWhether the deployment keeps enough signal to reconstruct events later.

Buyer fit

Who should use it — and who should not

Good fit

Solo self-hosters and small technical teams
VPS, local, Aliyun, and Tencent Cloud deployments
Individuals who can execute commands but do not want to reverse-engineer guidance from scattered posts
Agent owners who need a practical and automated security configuration, not a platform subscription

Not the right fit

Large enterprise platform teams with established internal tooling
Managed hosting customers who do not control the runtime boundary
Procurement-led agent owners expecting vendor liability transfer
Anyone looking for a one-click promise that everything is safe

Solutions Toolkit

Three Solutions - Choose as per your needs

Free manual security configuration, automated security configuration, or automated security configuration plus evidence documents. Paid packages are fulfilled manually after the order request and bank transfer confirmation.

Security Checklist Document

Free

Manual settings if you do not want to spend money and have lots of free time.

Direct download
Manual security configuration updates

Get the Free Security Checklist

Starter - Security Toolkit

CNY88 / USD29

For agent owners who want an automated & scripted security configuration toolkit

Security configuration script
Quick start, Install sheet and FAQ page
Place order below for further instructions

Order Starter pack

Premium - Starter + Evidence

CNY188 / USD49

For agent owners who also need structured records and handoff material.

Includes the starter package
Adds working files and evidence documents

Order Premium package

Premium package preview

Why the documentation layer exists

The premium package is not just more files.
It is a cleaner answer when someone asks what was reviewed, what changed, and what still needs attention.

Action

Quick Action Plan

A short remediation plan for agent owners who need the next steps written down, not only discussed.

Gate

Skill Approval Gate

A structured approval note for skill installation, source checks, and runtime boundary sign-off.

One-pager

Security Note

A concise handoff summary for customers, partners, or internal stakeholders who need the short version.

Report

Audit Evidence Report

The fuller evidence layer for agent owners who need a structured record instead of scattered screenshots.

FAQ

Frequently Asked Questions

Do I still need hardening after upgrading OpenClaw?

Yes. Patching only removes known vulnerabilities.
It does not fix configuration gaps, public exposure, oversized permissions, weak authentication, or poor skill controls.

Is it safe to run a third-party script?

M78Armor runs locally. It does not upload configuration files, logs, or secrets.
m78armor script is readable and ships with SHA-256 verification.

What is the real difference between the two paid packages?

The starter package helps agent owners secure their OpenClaw instance quick-n-easy.
The evidence pack adds the documentation layer agent owners usually end up building later, manually by hand which can be very time consuming during emergencies when someone a clear record is needed.

Why is the checklist free?

Because the manual security configuration settings still removes and fixes security gaps. The free checklist helps agent owners define the problem before they decide whether speed and documentation are worth paying for.

Will this guarantee a secure deployment?

No. It improves the security configuration process. It does not replace testing, disciplined change control, life cycle security or responsibility for your own environment.