SECURITY • OpenClaw quick fix
Featured: @AmpereSh
Exposed openclaw.json? Rotate before agents run.
A field report warned that an exposed OpenClaw config file can become a model-credit-drain path: whoever reads it gets the provider keys and can spend against your account. The exact incident still needs independent confirmation, but the risk is real: OpenClaw config can contain provider keys, tokens, app secrets, and gateway settings, and a closed GitHub issue showed how raw config exposure can leak plaintext credentials through tool surfaces.
In simple words: Make a safe copy before any step that changes your setup, try the smallest check first, then confirm OpenClaw is back to normal before doing more. The source link and commands stay below for people who want the technical detail.
Checklist
Keep `~/.openclaw`, `openclaw.json`, env files, logs, and backup archives out of public web roots, shared static folders, repos, and unauthenticated file browsers.
Fast local exposure sweep
# Run from any repo or deployed static root you control. A match means the file sits in a tree that may be served or committed; open it and check whether it holds keys before deciding it is harmless.
find . -maxdepth 4 -type f \( -name 'openclaw.json' -o -name '.env*' -o -name '*.log' -o -name '*backup*.zip' -o -name '*backup*.tar.gz' \) -print
Check every self-hosted box, tunnel, and reverse proxy from the outside: only the intended gateway/control surfaces should be reachable, and admin/config paths should require authentication rather than rely on being unlisted.
If config may have leaked, rotate provider keys and bot/app secrets first; do not wait for proof that credits have already been used.
Set provider-side spend caps, alerts, and per-key separation so a leaked agent key cannot silently burn the whole account.
After rotating, run a small known-good agent task and confirm it used the new key, then check that logs and backup artifacts no longer contain the old key or point at the exposed config path.
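The sweep, the field triage and the post-rotation check from the checklist, as one added Python example (not OpenClaw's own tooling and not taken from the source report): it walks a tree for the artifact names the checklist lists, reports which config/env fields look credential-bearing without printing their values, and after a simulated rotation confirms the retired key survives only in the log. The field names (apiKey, botToken, OPENCLAW_API_KEY), the sk- key format and every file in the sample tree are constructed assumptions, not OpenClaw's real layout.

```python
"""Added example, not OpenClaw's own tooling: sweep a tree for config/env/log/
backup artifacts, name the credential-bearing fields, and verify after rotation
that a retired key is gone.  Field names, key format and sample files are
assumptions made for illustration."""
import fnmatch
import json
import os
import re
import shutil
import tempfile
from pathlib import Path

# Names matching the checklist: config, env files, logs, backup archives.
ARTIFACT_GLOBS = ("openclaw.json", ".env", ".env.*", "*.log",
                  "*backup*.zip", "*backup*.tar.gz")
# Field/variable names that usually carry credentials.
SECRET_NAME_RE = re.compile(r"api[_-]?key|token|secret|password", re.IGNORECASE)
# KEY=value lines in env files, optionally prefixed with "export".
ENV_LINE_RE = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)=(.*)$")


def find_artifacts(root, max_depth=4):
    """Files under root whose name matches ARTIFACT_GLOBS, at most max_depth
    directory levels down (the same idea as find -maxdepth)."""
    root = Path(root)
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        depth = len(Path(dirpath).relative_to(root).parts)
        if depth + 1 >= max_depth:   # files here sit at depth+1; go no deeper
            dirnames[:] = []
        hits += [Path(dirpath) / n for n in filenames
                 if any(fnmatch.fnmatch(n, g) for g in ARTIFACT_GLOBS)]
    return sorted(hits)


def _leaves(obj, path=""):
    """Yield (dotted path, value) for every scalar in a parsed JSON document."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield from _leaves(v, f"{path}.{k}" if path else k)
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            yield from _leaves(v, f"{path}[{i}]")
    else:
        yield path, obj


def secret_fields(path):
    """Names of fields in a JSON config or env file that look credential-bearing
    and hold a non-empty value.  Only names are returned, never the values."""
    path = Path(path)
    text = path.read_text(errors="replace")
    found = []
    if path.suffix == ".json":
        try:
            doc = json.loads(text)
        except json.JSONDecodeError:
            return found            # not parseable; the sweep still lists the file
        for key_path, value in _leaves(doc):
            leaf = re.sub(r"\[\d+\]$", "", key_path.rsplit(".", 1)[-1])
            if SECRET_NAME_RE.search(leaf) and isinstance(value, str) and value:
                found.append(key_path)
    else:
        for line in text.splitlines():
            m = ENV_LINE_RE.match(line)
            if m and SECRET_NAME_RE.search(m.group(1)) and m.group(2).strip().strip("\"'"):
                found.append(m.group(1))
    return found


def files_still_referencing(old_secret, paths):
    """Post-rotation check: files that still contain the retired secret byte-for-byte."""
    needle = old_secret.encode()
    return [Path(p) for p in paths if needle in Path(p).read_bytes()]


def demo():
    """Constructed sample tree (not real OpenClaw output).  Returns the sweep
    result, the credential-bearing fields, and which files still hold the old
    key before and after a simulated rotation that leaves the log untouched."""
    root = Path(tempfile.mkdtemp(prefix="openclaw-sweep-"))
    old_key, new_key = "sk-OLD-constructed-0000", "sk-NEW-constructed-1111"
    try:
        cfg = root / "public" / "openclaw.json"      # config dropped into a static root
        cfg.parent.mkdir()
        cfg.write_text(json.dumps({
            "gateway": {"listen": "0.0.0.0:8080"},
            "providers": [{"name": "demo", "apiKey": old_key}],
            "telegram": {"botToken": "123456:constructed-bot-token"},
        }))
        env = root / ".env"
        env.write_text(f"OPENCLAW_API_KEY={old_key}\nLOG_LEVEL=info\n")
        (root / "logs").mkdir()
        (root / "logs" / "agent.log").write_text(f"agent start, provider key {old_key}\n")
        (root / "site-backup.zip").write_bytes(b"PK\x05\x06" + b"\x00" * 18)  # empty zip
        (root / "README.md").write_text("no secrets here\n")

        def rel(p):
            return str(p.relative_to(root))

        artifacts = find_artifacts(root)
        scannable = [p for p in artifacts if p.suffix == ".json" or p.name.startswith(".env")]
        fields = {rel(p): secret_fields(p) for p in scannable}
        before = sorted(rel(p) for p in files_still_referencing(old_key, artifacts))

        # Simulated rotation: config and env get the new key; the log keeps the old one.
        cfg.write_text(cfg.read_text().replace(old_key, new_key))
        env.write_text(env.read_text().replace(old_key, new_key))
        after = sorted(rel(p) for p in files_still_referencing(old_key, artifacts))

        return {"artifacts": sorted(map(rel, artifacts)), "secret_fields": fields,
                "still_referencing_before": before, "still_referencing_after": after}
    finally:
        shutil.rmtree(root, ignore_errors=True)
```

Run `demo()` to see the flow end to end: the sweep lists the four artifacts, the triage names `providers[0].apiKey`, `telegram.botToken` and `OPENCLAW_API_KEY` without echoing them, and after rotation only `logs/agent.log` still carries the old key, which is exactly the leftover the last checklist step tells you to look for.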
Success looks like
• No OpenClaw config, env, logs, or backup artifacts are reachable from public URLs or shared static roots.
• Any possibly exposed provider/bot credentials have been rotated and capped.
• The next agent run uses the new secret path and stays within provider-side budget alerts.
Source: GitHub issue + X field report · link