Beta — OpenClaw users only

Your OpenClaw is probably
exposed right now.

Clawdit finds out in 10 seconds. Free. Runs locally. Nothing leaves your machine.

curl -sSL https://clawdit.space/install.sh | bash

Free. Runs locally. No data leaves your machine.

The problem

Three real risks. Zero warnings from OpenClaw.

01

Your API keys are in a text file

openclaw.json stores keys in plaintext. If that file is world-readable, every user on your machine can see them.

02

Your gateway might be open to your whole network

If OpenClaw is bound to your LAN interface, anyone on your WiFi can access your agents.

03

You had no way to know

OpenClaw has no built-in security audit. Clawdit closes that gap before something goes wrong.

How it works

Three commands. Done.

1

Install

One curl command. No dependencies beyond what OpenClaw already requires.

$ curl -sSL https://clawdit.space/install.sh | bash
2

Audit

Clawdit inspects your config, permissions, and network bindings. Takes under 10 seconds.

$ clawdit audit
3

Fix

Pro users run auto-fix. Free users get a plain English report of exactly what to change.

$ clawdit fix --auto

Real output

Exactly what you get.

No noise. No 40-page PDF. Just the risks, scored, with clear instructions to fix them.

clawdit audit

$ clawdit audit

Clawdit v0.9.1 — scanning your OpenClaw setup...


Checking config file permissions...

✗ CRITICAL openclaw.json is world-readable (-rw-r--r--)

✗ CRITICAL ANTHROPIC_API_KEY exposed in plaintext


Checking gateway bindings...

⚠ WARNING Gateway bound to 0.0.0.0:3000 (all interfaces)

⚠ WARNING No auth required on gateway endpoint


Checking update status...

✓ PASS OpenClaw is up to date (v2.4.1)


─────────────────────────────────────

Security score: F (23/100)

2 critical issues, 2 warnings, 1 passing


Run clawdit fix --auto to resolve critical issues.

Or see the full report: ~/.clawdit/report-2026-03-01.md


$ clawdit fix --auto

Applying fixes...

✓ Fixed openclaw.json permissions → 600

✓ Fixed Gateway rebound to 127.0.0.1:3000


Re-scanning...


Security score: C (71/100)

0 critical issues, 1 warning, 3 passing

Done in 4.2s.

Pricing

Start free. Upgrade when you need more.

Free

$0forever
  • Full security audit
  • Security score (0–100)
  • Plain English risk report
  • Always free — no card required
Get started free
Most popular

Pro

$9/mo
  • Everything in Free
  • Auto-fix mode
  • Watch mode — alerts on new exposure
  • Email alerts
Start Pro trial

Team

$29/mo
  • Everything in Pro
  • Multi-machine monitoring
  • Centralized dashboard
  • Team alerts and shared reports
Contact us

Start your free audit.

One command. No account required. Works on macOS and Linux. If your setup is clean, you get a score that says so. If it's not, you get a list of exactly what to fix.

curl -sSL https://clawdit.space/install.sh | bash

Free forever. No account. No telemetry.