1 stable release
| 1.0.0 | Jan 28, 2026 |
|---|
#1719 in Development tools
415KB
2K
SLoC
๐ฆ ClawdGuard
Security hardening for Clawdbot/Moltbot installations. Detects and fixes exposed gateways.
Detect and fix exposed Clawdbot/Moltbot gateways
Problem โข Features โข Quick Start โข Docker โข CLI โข What Gets Fixed โข Development
The Problem
900+ Clawdbot/Moltbot instances are currently exposed on the internet (visible on Shodan, port 18789) without any authentication. This allows anyone to:
| Risk | Impact |
|---|---|
| ๐ Access API keys | Steal OpenAI, Anthropic, and other credentials |
| ๐ป Execute commands | Run arbitrary shell commands on your machine |
| ๐ Control browser | Take over your browsing session |
| ๐ง Read emails | Access Gmail, calendar, contacts |
| ๐ฌ Read chats | See all your conversation history |
| ๐ค Hijack the bot | Send messages on your behalf |
The issue isn't a bugโit's misconfiguration. Users who change gateway.bind to 0.0.0.0 or use Docker with -p 18789:18789 without proper auth are fully exposed.
ClawdGuard addresses these issues.
Features
- ๐ Auto-Detect: Finds config, service, and running gateway automatically
- ๐ Risk Analysis: Scores your configuration 0-10 with detailed breakdown
- ๐ง One-Click Fix: Patches config, generates secure token, restarts service
- โ Verification: Confirms the fix worked (port closed, auth required)
- ๐พ Safe: Creates timestamped backup before any changes
- ๐ฅ๏ธ Cross-Platform: macOS (launchd) and Linux (systemd)
- โน๏ธ Graceful Stop: Press Ctrl+C anytime to cancel safely
- ๐ Verbose Mode: See detailed logs of every check being performed
- ๐ณ Docker Ready: No Rust installation required - just use Docker
Quick Start
1. Choose Your Installation
Option A: Install from crates.io (Recommended)
cargo install clawdguard
# Run
clawdguard
Option B: Build from Source
# Clone repository
git clone https://github.com/fadidevv/clawdguard.git
cd clawdguard
# Build (first time takes ~2 min)
cargo build --release
# Run
./target/release/clawdguard
Option C: With Docker (No Rust Required)
# Clone repository
git clone https://github.com/fadidevv/clawdguard.git
cd clawdguard
# Build image (~3-5 min first time)
docker build --no-cache -t clawdguard .
# Run (mount your config directory)
docker run -v ~/.moltbot:/root/.moltbot clawdguard
# Or for legacy Clawdbot:
docker run -v ~/.clawdbot:/root/.clawdbot clawdguard
2. Run
clawdguard
That's it! ClawdGuard will:
- Detect your Clawdbot/Moltbot installation
- Analyze security risks in your configuration
- Ask for confirmation before making changes
- Patch the config with secure settings
- Verify the fixes were successful
3. Save Your Token
ClawdGuard generates a secure token. Save it!
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ โ ๏ธ IMPORTANT: Save your new gateway token! โ
โ โ
โ clwd_a8f2k9x3m1p7v4q2b6n8... โ
โ โ
โ You'll need this to connect from the Control UI or CLI. โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
Docker Setup
Full Docker documentation for those without Rust installed.
Build & Run
# 1. Clone repository
git clone https://github.com/fadidevv/clawdguard.git
cd clawdguard
# 2. Build image (~3-5 min first time)
docker build --no-cache -t clawdguard .
# 3. Run scan (mount your config directory)
# For Moltbot (newer):
docker run -v ~/.moltbot:/root/.moltbot clawdguard
# For Clawdbot (legacy):
docker run -v ~/.clawdbot:/root/.clawdbot clawdguard
# With verbose mode
docker run -v ~/.moltbot:/root/.moltbot clawdguard --verbose
# Scan only (no fixes)
docker run -v ~/.moltbot:/root/.moltbot clawdguard --scan-only
# Auto mode (no prompts)
docker run -v ~/.moltbot:/root/.moltbot clawdguard --auto
# Show help
docker run clawdguard --help
Docker Compose
Simpler syntax using docker-compose:
# Run with docker-compose
docker-compose run clawdguard
# With verbose
docker-compose run clawdguard --verbose
# Scan only
docker-compose run clawdguard --scan-only
# Auto mode
docker-compose run clawdguard --auto
Docker Commands Reference
| Command | Description |
|---|---|
docker build --no-cache -t clawdguard . |
Build image |
docker run clawdguard --help |
Show help |
docker run -v ... clawdguard |
Run scan |
docker run -v ... clawdguard --scan-only |
Scan only |
docker run -v ... clawdguard --auto |
Auto fix |
docker run -v ... clawdguard --verbose |
Verbose mode |
docker-compose run clawdguard |
Run with compose |
Volume Mounts
| Mount | Purpose |
|---|---|
~/.moltbot:/root/.moltbot |
Your Moltbot config directory (newer) |
~/.clawdbot:/root/.clawdbot |
Your Clawdbot config directory (legacy) |
./results:/app/results |
Save results locally |
Docker Tips
# Create alias for easier usage (use your config directory)
alias clawdguard='docker run -v ~/.moltbot:/root/.moltbot clawdguard'
# Or for legacy Clawdbot:
alias clawdguard='docker run -v ~/.clawdbot:/root/.clawdbot clawdguard'
# Then just run:
clawdguard
clawdguard --scan-only
clawdguard --verbose
CLI Reference
clawdguard [OPTIONS]
OPTIONS:
--scan-only Only scan for issues, don't apply fixes
--auto Apply all fixes without confirmation prompts
--backup-dir <DIR> Custom directory for backup files
--skip-firewall Skip adding firewall rules
--skip-restart Skip restarting the gateway service
--token <TOKEN> Use a specific token instead of generating one
-v, --verbose Show detailed output
--json Output results as JSON (for scripting)
-h, --help Print help
-V, --version Print version
Examples
# Basic usage - scan, fix, verify
clawdguard
# Scan only (don't fix anything)
clawdguard --scan-only
# Fix everything automatically (no prompts)
clawdguard --auto
# Use your own token
clawdguard --token "my-secure-token-here"
# Verbose output for troubleshooting
clawdguard --verbose
# JSON output for scripting
clawdguard --json
# Combine options
clawdguard --auto --skip-firewall --verbose
# Custom backup directory
clawdguard --backup-dir /tmp/backups
What Gets Fixed
| Setting | Before (Insecure) | After (Secure) |
|---|---|---|
gateway.bind |
"0.0.0.0" / "lan" / "all" |
"loopback" |
gateway.auth.mode |
"none" / missing |
"token" |
gateway.auth.token |
missing | Generated secure token |
discovery.mdns.mode |
"full" |
"minimal" |
| File permissions | 644 / 755 |
600 |
Risk Score
ClawdGuard calculates a risk score from 0-10:
| Score | Level | Meaning |
|---|---|---|
| 0-3 | ๐ข LOW | Minor issues or already secure |
| 4-6 | ๐ก MEDIUM | Some security concerns |
| 7-10 | ๐ด CRITICAL | Exposed to internet, fix immediately |
Risk Score Calculation:
- Exposed bind address: +3 points
- Missing authentication: +4 points
- External port reachable: +2 points
- mDNS information leak: +1 point
- Open file permissions: +1 point
Output Examples
Normal Mode
___ __ ____ _ _ ____ ___ _ _ __ ____ ____
/ __)( ) ( _ \/ ) ( \( _ \/ __)/ )( \ / _\ ( _ \( \
( (__ / (_/\ ) _ (\ \__/ / ) __/\__ \) \/ (/ \ ) / ) D (
\___)\____/(____/ \____/ (__) (___/\____/\_/\_/(__\_)(____/
๐ฆ Security hardening for Clawdbot/Moltbot
v1.0.0
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โน Press Ctrl+C to cancel at any time
[1/4] ๐ Detecting installation...
โ Config: ~/.clawdbot/clawdbot.json
โ Service: bot.molt.gateway (running, PID 1234)
โ Port 18789 is active
[2/4] โ ๏ธ Analyzing security risks...
โญโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโฎ
โ Issue โ Current Value โ Severity โ
โโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโค
โ Gateway Bind โ 0.0.0.0 โ CRITICAL โ
โ Authentication โ none โ CRITICAL โ
โ mDNS Broadcast โ full โ MEDIUM โ
โฐโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโฏ
Risk Score: 9/10 ๐ด CRITICAL
โ This will modify your configuration to fix security issues.
โน A backup will be created before any changes.
Proceed with fixes? [y/N]: y
[3/4] ๐ง Applying fixes...
โ Backup: ~/.clawdbot/clawdbot.json.backup.20260128_143022
โ Set gateway.bind = "loopback" (was: "0.0.0.0")
โ Set gateway.auth.mode = "token" (was: "none")
โ Set gateway.auth.token = <generated>
โ Fixed file permissions (600)
Generated Token: clwd_a8f2k9x3m1p7v4q2b6n8...
[4/4] โ
Verifying fixes...
โ Gateway service restarted
โ Port 18789 no longer reachable externally
โ Gateway responding on localhost
โ Authentication is now required
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ โ
โ ๐ SUCCESS! Your Clawdbot/Moltbot is now secure. โ
โ โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
JSON Output
clawdguard --json
{"status": "fixed", "token": "clwd_a8f2k9x3m1p7v4q2b6n8...", "backup": "~/.clawdbot/clawdbot.json.backup.20260128_143022"}
Graceful Stop (Ctrl+C)
Press Ctrl+C anytime during scanning to stop safely.
[2/4] โ ๏ธ Analyzing security risks...
^C
โ Interrupted! Exiting...
No changes are made until you confirm, so interrupting is always safe.
After Running
Update Your Environment
# Add to your shell profile (~/.bashrc, ~/.zshrc, etc.)
export CLAWDBOT_GATEWAY_TOKEN="clwd_your_token_here"
Remote Access (Secure Methods)
If you need remote access, use one of these secure methods:
| Method | Command |
|---|---|
| Tailscale (Recommended) | tailscale serve --bg 18789 |
| SSH Tunnel | ssh -L 18789:localhost:18789 your-server |
| Cloudflare Tunnel | cloudflared tunnel --url http://localhost:18789 |
โ ๏ธ Never change gateway.bind back to 0.0.0.0 or expose the port directly.
Troubleshooting
"No Clawdbot/Moltbot installation found"
Make sure:
- Clawdbot or Moltbot is installed
- You've run it at least once (creates
~/.moltbot/or~/.clawdbot/) - Config file exists at
~/.moltbot/moltbot.jsonor~/.clawdbot/clawdbot.json
"Could not restart service"
Try manually:
clawdbot gateway restart
# or
moltbot gateway restart
Token Not Working
- Save the complete token (including
clwd_prefix) - Add to environment or Control UI settings
- Restart the gateway
Docker: Permission Denied
Make sure your config directory is readable:
# For Moltbot (newer)
chmod 755 ~/.moltbot
chmod 644 ~/.moltbot/moltbot.json
# For Clawdbot (legacy)
chmod 755 ~/.clawdbot
chmod 644 ~/.clawdbot/clawdbot.json
Platform Support
| Platform | Status | Service Manager |
|---|---|---|
| macOS | โ Full | launchd |
| Linux | โ Full | systemd (user) |
| Windows | โ ๏ธ WSL2 | Run inside WSL2 |
How It Works
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ClawdGuard v1.0 โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโโโโโ โ
โ โ DETECT โ โ โ ANALYZE โ โ โ PATCH โ โ โ VERIFY โ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโโโโโ โ
โ โ โ โ โ โ
โ โผ โผ โผ โผ โ
โ Find config Check risks Fix config Confirm safe โ
โ Find service Score danger Gen token Test port โ
โ Find process List issues Fix perms Restart svc โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Project Structure
clawdguard/
โโโ Cargo.toml # Dependencies
โโโ Dockerfile # Docker build
โโโ docker-compose.yml # Docker compose
โโโ .dockerignore
โโโ README.md
โโโ LICENSE
โโโ .gitignore
โโโ assets/
โ โโโ screenshot.png # Screenshot for README
โโโ src/
โ โโโ main.rs # CLI entry point
โ โโโ lib.rs # Library root
โ โโโ detect/ # Installation detection
โ โ โโโ mod.rs
โ โ โโโ config.rs # Config file detection
โ โ โโโ process.rs # Process detection
โ โ โโโ service.rs # Service detection (launchd/systemd)
โ โโโ analyze/ # Security analysis
โ โ โโโ mod.rs
โ โ โโโ config_risk.rs
โ โ โโโ network.rs # Port exposure check
โ โ โโโ permissions.rs
โ โโโ patch/ # Configuration patching
โ โ โโโ mod.rs
โ โ โโโ config.rs
โ โ โโโ firewall.rs
โ โ โโโ token.rs # Secure token generation
โ โโโ verify/ # Fix verification
โ โ โโโ mod.rs
โ โ โโโ port_check.rs
โ โ โโโ service.rs
โ โโโ output/
โ โโโ mod.rs
โ โโโ printer.rs # Colorful CLI output
โโโ tests/
โโโ integration.rs
Development
Prerequisites
Option A: Native (Rust)
- Rust 1.70+ (
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh)
Option B: Docker
- Docker 20.10+
Building
Native:
# Clone repository
git clone https://github.com/fadidevv/clawdguard.git
cd clawdguard
# Build debug (faster compile)
cargo build
# Build release (optimized)
cargo build --release
Docker:
# Clone repository
git clone https://github.com/fadidevv/clawdguard.git
cd clawdguard
# Build image
docker build --no-cache -t clawdguard .
Running Tests
# Run all tests
cargo test
# Run with output
cargo test -- --nocapture
Code Quality
# Format code
cargo fmt
# Run linter
cargo clippy
# Check without building
cargo check
Contributing
Contributions welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/improvement) - Make your changes
- Run tests (
cargo test) - Run linter (
cargo clippy) - Format code (
cargo fmt) - Commit changes (
git commit -m 'Add improvement') - Push to branch (
git push origin feature/improvement) - Open a Pull Request
Ideas for contributions:
- Add support for more service managers
- Improve detection heuristics
- Add rollback functionality
- Documentation improvements
- Bug fixes
โ ๏ธ Disclaimer
This tool is for security purposes only.
- Only run on systems you own or have permission to modify
- Always verify the token was saved before closing the terminal
- Test the fix by attempting to connect from another device
The authors are not responsible for misuse of this tool.
License
MIT License - see LICENSE for details.
Stay secure! ๐ฆ๐
Dependencies
~18โ53MB
~774K SLoC