OpenClaw LogoOpenClaw AI

Security & Sandbox

Secure AI environment with Docker sandbox, tool policies, and network control.

1

Setup & Installation

Self Check: `openclaw security audit --deep`

Enable Sandbox: `sandbox: { mode: 'all', workspaceAccess: 'ro' }`

Policy: `tools: { allow: ['read'], deny: ['exec'] }`

Network: Bind `loopback`, use Tailscale

2

Command Examples

Restrict Agent to read-only file access

Deny dangerous Shell commands

Auto fix permissions: `openclaw security audit --fix`

Important Notes

  • Sandbox off by default, enable for production
  • Elevated mode is high risk, strict whitelist required
  • Audit token exposure regularly

Want to learn more?

Join the OpenClaw community to share advanced scripts and automation workflows.

Visit GitHub