Skills Plugins Jobs Pricing
← Back to Plugins
Channels

Secure Openclaw

ComposioHQ By ComposioHQ ⭐ 557 stars 👁 13 views ▲ 0 votes

A personal 24x7 AI assistant like OpenClaw that runs on your messaging platforms. Send a message on WhatsApp, Telegram, Signal, or iMessage and get responses from Claude with full tool access, persistent memory, scheduled reminders, and integrations with 500+ apps.

GitHub

Install

npm install
```

Configuration Example

agent: {
  provider: 'claude',    // or 'opencode'
}

README

<p align="center">
  <h1 align="center">Secure OpenClaw</h1>
</p>

<p align="center">
  <a href="https://platform.composio.dev?utm_source=github&utm_medium=gif&utm_campaign=2101&utm_content=secure-openclaw">
    <img src="assets/secure-openclaw.gif" alt="Secure OpenClaw Demo" width="800">
  </a>
</p>

<p align="center">
  <a href="https://docs.composio.dev/tool-router/overview">
    <img src="https://img.shields.io/badge/Composio-Tool%20Router-orange" alt="Composio">
  </a>
  <a href="https://platform.claude.com/docs/en/agent-sdk/overview">
    <img src="https://img.shields.io/badge/Claude-Agent%20SDK-blue" alt="Claude Agent SDK">
  </a>
  <a href="https://github.com/anthropics/claude-code">
    <img src="https://img.shields.io/badge/Powered%20by-Claude%20Code-purple" alt="Claude Code">
  </a>
  <a href="https://x.com/composio">
    <img src="https://img.shields.io/badge/Follow%20on-X-black?logo=x&logoColor=white" alt="Follow on X">
  </a>
</p>

<p align="center">
  A personal 24x7 AI assistant that runs on your messaging platforms. Send a message on WhatsApp, Telegram, Signal, or iMessage and get responses from Claude with full tool access, persistent memory, scheduled reminders, and integrations with 500+ apps.
  <br><br>
  <a href="https://platform.composio.dev?utm_source=github&utm_medium=description&utm_campaign=2101&utm_content=secure-openclaw">
    <b>Get your free API key to get started β†’</b>
  </a>
</p>

---

## Table of Contents

- [Requirements](#requirements)
- [Installation](#installation)
- [Quick Start](#quick-start)
- [Deploying Remotely](#deploying-remotely)
- [Providers](#providers)
- [Configuration](#configuration)
- [Messaging Platforms](#messaging-platforms)
- [Tool Approvals](#tool-approvals)
- [Memory System](#memory-system)
- [Scheduling and Reminders](#scheduling-and-reminders)
- [App Integrations](#app-integrations)
- [Commands](#commands)
- [Troubleshooting](#troubleshooting)
- [Directory Structure](#directory-structure)
- [Contributing](#contributing)
- [Resources](#resources)
- [Community](#community)

---

## Requirements

- Node.js 18+
- macOS, Linux, or Windows
- Anthropic API key (`ANTHROPIC_API_KEY`)
- Composio API key (`COMPOSIO_API_KEY`)
- **Claude Code** β€” required if using the Claude provider
- **Opencode** β€” required if using the Opencode provider

Platform-specific:
- WhatsApp: a phone with WhatsApp installed
- Telegram: a bot token from @BotFather
- Signal: signal-cli installed and registered
- iMessage: macOS only, requires the `imsg` CLI tool

---

## Installation

### 1. Clone and install dependencies

```bash
git clone <repo-url> secure-openclaw
cd secure-openclaw
npm install
```

### 2. Install a provider

You need at least one AI provider installed on the machine.

**Claude Code** (for the Claude provider):

```bash
npm install -g @anthropic-ai/claude-code
```

**Opencode** (for the Opencode provider):

```bash
curl -fsSL https://opencode.ai/install | bash
```

You can install both. The CLI lets you switch between them.

After installing Claude Code, authenticate it locally:

```bash
claude
# Follow the OAuth prompts to log in with your Anthropic account
```

On remote/Docker deployments, authentication is handled by the `ANTHROPIC_API_KEY` environment variable instead β€” no interactive login needed.

### 3. API keys

**Anthropic** β€” get your key from https://console.anthropic.com/

```bash
export ANTHROPIC_API_KEY=sk-ant-...
```

**Composio** β€” provides 500+ app integrations (Gmail, Slack, GitHub, etc.)

```bash
curl -fsSL https://composio.dev/install | bash
composio login
composio whoami   # shows your API key
export COMPOSIO_API_KEY=your-key
```

Add all exports to your shell profile (`~/.zshrc` or `~/.bashrc`) to make them permanent.

---

## Quick Start

```bash
node cli.js
```

This opens the interactive menu:

```
1) Terminal chat      β€” talk to the assistant in your terminal
2) Start gateway      β€” run the messaging gateway
3) Setup adapters     β€” configure WhatsApp, Telegram, etc.
4) Show current config
5) Test connection
6) Change provider
7) Exit
```

Or run directly:

```bash
node cli.js chat     # terminal chat
node cli.js start    # start the gateway
```

---

## Deploying Remotely

The gateway can run on a remote server. Terminal chat is local only.

### DigitalOcean (Recommended)

A $6/month DigitalOcean droplet. No ID verification, just sign up and go.

#### 1. Create a droplet

1. Sign up at [digitalocean.com](https://www.digitalocean.com/)
2. **Create** > **Droplets**
3. Pick a region, select **Ubuntu 24.04**, choose the **$6/mo** plan (1 GB RAM)
4. Set a **root password**
5. Click **Create Droplet** and copy the **public IP** from the dashboard

#### 2. Set up the server

```bash
# SSH in
ssh root@YOUR_DROPLET_IP

# Add swap (the build needs more than 1 GB)
fallocate -l 2G /swapfile && chmod 600 /swapfile && mkswap /swapfile && swapon /swapfile
echo '/swapfile none swap sw 0 0' >> /etc/fstab

# Install Docker
curl -fsSL https://get.docker.com | sh

# Clone the repo (use a GitHub PAT if private)
git clone https://github.com/YOUR_USERNAME/secure-openclaw.git
cd secure-openclaw
```

#### 3. Add your keys

```bash
cp .env.example .env
nano .env
```

Fill in `ANTHROPIC_API_KEY`, `COMPOSIO_API_KEY`, and whichever platforms you want. Save with `Ctrl+O`, exit with `Ctrl+X`.

#### 4. Deploy

```bash
docker compose up -d --build
ufw allow 4096
```

That's it. Docker Compose reads your `.env`, builds the image (installs Claude Code + Opencode inside), and starts the gateway. WhatsApp auth and memory are persisted in Docker volumes automatically.

#### 5. Connect WhatsApp

Open `http://YOUR_DROPLET_IP:4096/qr` in your browser and scan with WhatsApp > Linked Devices.

#### After deploy

```bash
docker compose logs -f                          # live logs
docker compose down && docker compose up -d      # restart
docker compose exec openclaw sh                  # shell into container
git pull && docker compose up -d --build         # update
```

- **Health check:** `http://YOUR_DROPLET_IP:4096/`
- **Telegram:** works immediately if you set `TELEGRAM_BOT_TOKEN` in `.env`

#### Troubleshooting deployment

**Build gets killed (exit code 137):** Out of memory. Make sure you added swap (step 2).

**Can't access `http://YOUR_IP:4096`:** Run `ufw allow 4096`. Also make sure you're using the **public IP** from the DigitalOcean dashboard, not the internal/private one (starts with `10.`).

**WhatsApp QR page says "Waiting...":** The gateway is still starting. Check logs with `docker compose logs -f` and wait for `[Gateway] Ready`.

**Claude exits with code 1:** Your `ANTHROPIC_API_KEY` is missing or wrong. Check with `docker compose exec openclaw env | grep ANTHROPIC`.

**Private repo clone fails:** GitHub doesn't support password auth. Use a Personal Access Token: `git clone https://[email protected]/...`

**Checking logs:**

```bash
docker compose logs -f                          # all logs, live
docker compose logs -f --tail 50                # last 50 lines, then follow
docker compose logs openclaw 2>&1 | grep ERROR  # filter for errors
```

### Other VPS providers

Any Linux VPS works (Hetzner, Vultr, AWS Lightsail). Same steps β€” SSH in, add swap if < 2 GB RAM, install Docker, clone, `docker compose up`.

### What Runs Where

| Feature | Local | Remote |
|---------|-------|--------|
| Terminal chat | Yes | No |
| Gateway (WhatsApp, Telegram, etc.) | Yes | Yes |
| Memory | Yes | Yes (needs volume) |
| Cron/reminders | Yes | Yes |
| Composio integrations | Yes | Yes |

---

## Providers

Secure OpenClaw supports two AI providers:

**Claude Agent SDK** β€” Anthropic's SDK. Uses your `ANTHROPIC_API_KEY`. Requires Claude Code installed. Models: Opus 4.6, Sonnet 4.5, Haiku 4.5.

**Opencode** β€” open-source alternative. Requires Opencode installed. Runs a local server or connects to an existing one. Models: GPT-5 Nano, Big Pickle, GLM-4.7, Grok Code, MiniMax M2.1.

Switch providers from the CLI menu (option 7) or in `config.js`:

```javascript
agent: {
  provider: 'claude',    // or 'opencode'
}
```

When using Opencode, the provider auto-detects whether a server is already running on the configured port. If one exists, it connects. If not, it starts one.

Use `/model` during terminal chat to switch models within the active provider.

---

## Configuration

All settings live in `config.js`. Edit directly or use the setup wizard.

```javascript
{
  agentId: 'secure-openclaw',

  whatsapp: { enabled: true, allowedDMs: [...], allowedGroups: [...] },
  telegram: { enabled: false, token: '', ... },
  signal:   { enabled: false, phoneNumber: '', ... },
  imessage: { enabled: false, ... },

  agent: {
    workspace: '~/secure-openclaw',
    maxTurns: 100,
    allowedTools: ['Read', 'Write', 'Edit', 'Bash', 'Glob', 'Grep'],
    provider: 'claude',
    opencode: {
      model: 'opencode/gpt-5-nano',
      hostname: '127.0.0.1',
      port: 4096
    }
  },

}
```

### Security

Each platform has an allowlist for DMs and groups. Set to `['*']` to allow all, or list specific IDs.

```javascript
whatsapp: {
  allowedDMs: ['+1234567890'],     // only this number can DM
  allowedGroups: ['*'],            // all groups allowed
  respondToMentionsOnly: true      // in groups, only respond when @mentioned
}
```

Messages from unrecognized senders are silently dropped.

---

## Messaging Platforms

### WhatsApp

Uses QR code authentication. No bot token needed.

1. Enable in config or run the setup wizard
2. Start the gateway
3. Scan the QR code that appears in your terminal (WhatsApp > Settings > Linked Devices)
4. Session saves to `auth_whatsapp/` β€” you only scan once

### Telegram

1. Message @BotFather on Telegram, send `/newbot`, copy the token
2. Add the token to config:

```javascript
telegram: {
  enabled: true,
  token: 'YOUR_BOT_TOKEN',
  allowedDMs: ['*'],
}
```

3. Start the gateway, then message your bot

### Signal

Requires signal-cli to be installed and registered.

```bas

... (truncated)
channels

Comments

Sign in to leave a comment

Loading comments...

More by ComposioHQ

Composio

Composio

Fork of OpenClaw/Clawdbot with Composio plugin for simplified authentication and secure credential management

0

Similar Plugins in Channels

Dingtalk

Dingtalk

DingTalk (ι’‰ι’‰) channel plugin for OpenClaw.

17 18
Moltbot Wecom Channel

Moltbot Wecom Channel

Enterprise WeChat (WeCom) integration plugin for Moltbot. Fixes API compatibility issues with the latest Plugin SDK.

11 11
Moltbot Channel Feishu

Moltbot Channel Feishu

A production-grade Feishu/Lark channel plugin for Moltbot(Clawdbot).

7
Tlon

Tlon

Tlon/Urbit channel plugin for Moltbot

3 3
Moltbot Lark

Moltbot Lark

Moltbot Lark (飞书) channel plugin - Real-time messaging integration for https://github.com/moltbot/moltbot

1
Gmail

Gmail

Gmail channel plugin for Moltbot

1