[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-74412":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":16,"stars30d":17,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":18,"rankGlobal":10,"rankLanguage":10,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":22,"hasPages":20,"topics":23,"createdAt":10,"pushedAt":10,"updatedAt":33,"readmeContent":34,"aiSummary":35,"trendingCount":16,"starSnapshotCount":16,"syncStatus":15,"lastSyncTime":36,"discoverSource":37},74412,"secure-openclaw","ComposioHQ\u002Fsecure-openclaw","ComposioHQ","A personal 24x7 AI assistant like OpenClaw that runs on your messaging platforms. Send a message on WhatsApp, Telegram, Signal, or iMessage and get responses from Claude with full tool access, persistent memory, scheduled reminders, and integrations with 500+ apps.","",null,"JavaScript",1204,165,3,2,0,5,55.16,"MIT License",false,"master",true,[24,25,26,27,28,29,30,31,32],"clawdbot","clawdbot-security","moltbot","moltbot-skills","openclaw","openclaw-plugin","openclaw-security","openclaw-skills","openclawd","2026-06-12 04:01:15","\u003Cp align=\"center\">\n  \u003Ch1 align=\"center\">Secure OpenClaw\u003C\u002Fh1>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fplatform.composio.dev?utm_source=github&utm_medium=gif&utm_campaign=2101&utm_content=secure-openclaw\">\n    \u003Cimg src=\"assets\u002Fsecure-openclaw.gif\" alt=\"Secure OpenClaw Demo\" width=\"800\">\n  \u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fdocs.composio.dev\u002Ftool-router\u002Foverview\">\n    \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FComposio-Tool%20Router-orange\" alt=\"Composio\">\n  \u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fplatform.claude.com\u002Fdocs\u002Fen\u002Fagent-sdk\u002Foverview\">\n    \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FClaude-Agent%20SDK-blue\" alt=\"Claude Agent SDK\">\n  \u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanthropics\u002Fclaude-code\">\n    \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FPowered%20by-Claude%20Code-purple\" alt=\"Claude Code\">\n  \u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fx.com\u002Fcomposio\">\n    \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FFollow%20on-X-black?logo=x&logoColor=white\" alt=\"Follow on X\">\n  \u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  A personal 24x7 AI assistant that runs on your messaging platforms. Send a message on WhatsApp, Telegram, Signal, or iMessage and get responses from Claude with full tool access, persistent memory, scheduled reminders, and integrations with 500+ apps.\n  \u003Cbr>\u003Cbr>\n  \u003Ca href=\"https:\u002F\u002Fplatform.composio.dev?utm_source=github&utm_medium=description&utm_campaign=2101&utm_content=secure-openclaw\">\n    \u003Cb>Get your free API key to get started →\u003C\u002Fb>\n  \u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\n## Table of Contents\n\n- [Requirements](#requirements)\n- [Installation](#installation)\n- [Quick Start](#quick-start)\n- [Deploying Remotely](#deploying-remotely)\n- [Providers](#providers)\n- [Configuration](#configuration)\n- [Messaging Platforms](#messaging-platforms)\n- [Tool Approvals](#tool-approvals)\n- [Memory System](#memory-system)\n- [Scheduling and Reminders](#scheduling-and-reminders)\n- [App Integrations](#app-integrations)\n- [Commands](#commands)\n- [Troubleshooting](#troubleshooting)\n- [Directory Structure](#directory-structure)\n- [Contributing](#contributing)\n- [Resources](#resources)\n- [Community](#community)\n\n---\n\n## Requirements\n\n- Node.js 18+\n- macOS, Linux, or Windows\n- Anthropic API key (`ANTHROPIC_API_KEY`)\n- Composio API key (`COMPOSIO_API_KEY`)\n- **Claude Code** — required if using the Claude provider\n- **Opencode** — required if using the Opencode provider\n\nPlatform-specific:\n- WhatsApp: a phone with WhatsApp installed\n- Telegram: a bot token from @BotFather\n- Signal: signal-cli installed and registered\n- iMessage: macOS only, requires the `imsg` CLI tool\n\n---\n\n## Installation\n\n### 1. Clone and install dependencies\n\n```bash\ngit clone \u003Crepo-url> secure-openclaw\ncd secure-openclaw\nnpm install\n```\n\n### 2. Install a provider\n\nYou need at least one AI provider installed on the machine.\n\n**Claude Code** (for the Claude provider):\n\n```bash\nnpm install -g @anthropic-ai\u002Fclaude-code\n```\n\n**Opencode** (for the Opencode provider):\n\n```bash\ncurl -fsSL https:\u002F\u002Fopencode.ai\u002Finstall | bash\n```\n\nYou can install both. The CLI lets you switch between them.\n\nAfter installing Claude Code, authenticate it locally:\n\n```bash\nclaude\n# Follow the OAuth prompts to log in with your Anthropic account\n```\n\nOn remote\u002FDocker deployments, authentication is handled by the `ANTHROPIC_API_KEY` environment variable instead — no interactive login needed.\n\n### 3. API keys\n\n**Anthropic** — get your key from https:\u002F\u002Fconsole.anthropic.com\u002F\n\n```bash\nexport ANTHROPIC_API_KEY=sk-ant-...\n```\n\n**Composio** — provides 500+ app integrations (Gmail, Slack, GitHub, etc.)\n\n```bash\ncurl -fsSL https:\u002F\u002Fcomposio.dev\u002Finstall | bash\ncomposio login\ncomposio whoami   # shows your API key\nexport COMPOSIO_API_KEY=your-key\n```\n\nAdd all exports to your shell profile (`~\u002F.zshrc` or `~\u002F.bashrc`) to make them permanent.\n\n---\n\n## Quick Start\n\n```bash\nnode cli.js\n```\n\nThis opens the interactive menu:\n\n```\n1) Terminal chat      — talk to the assistant in your terminal\n2) Start gateway      — run the messaging gateway\n3) Setup adapters     — configure WhatsApp, Telegram, etc.\n4) Show current config\n5) Test connection\n6) Change provider\n7) Exit\n```\n\nOr run directly:\n\n```bash\nnode cli.js chat     # terminal chat\nnode cli.js start    # start the gateway\n```\n\n---\n\n## Deploying Remotely\n\nThe gateway can run on a remote server. Terminal chat is local only.\n\n### DigitalOcean (Recommended)\n\nA $6\u002Fmonth DigitalOcean droplet. No ID verification, just sign up and go.\n\n#### 1. Create a droplet\n\n1. Sign up at [digitalocean.com](https:\u002F\u002Fwww.digitalocean.com\u002F)\n2. **Create** > **Droplets**\n3. Pick a region, select **Ubuntu 24.04**, choose the **$6\u002Fmo** plan (1 GB RAM)\n4. Set a **root password**\n5. Click **Create Droplet** and copy the **public IP** from the dashboard\n\n#### 2. Set up the server\n\n```bash\n# SSH in\nssh root@YOUR_DROPLET_IP\n\n# Add swap (the build needs more than 1 GB)\nfallocate -l 2G \u002Fswapfile && chmod 600 \u002Fswapfile && mkswap \u002Fswapfile && swapon \u002Fswapfile\necho '\u002Fswapfile none swap sw 0 0' >> \u002Fetc\u002Ffstab\n\n# Install Docker\ncurl -fsSL https:\u002F\u002Fget.docker.com | sh\n\n# Clone the repo (use a GitHub PAT if private)\ngit clone https:\u002F\u002Fgithub.com\u002FYOUR_USERNAME\u002Fsecure-openclaw.git\ncd secure-openclaw\n```\n\n#### 3. Add your keys\n\n```bash\ncp .env.example .env\nnano .env\n```\n\nFill in `ANTHROPIC_API_KEY`, `COMPOSIO_API_KEY`, and whichever platforms you want. Save with `Ctrl+O`, exit with `Ctrl+X`.\n\n#### 4. Deploy\n\n```bash\ndocker compose up -d --build\nufw allow 4096\n```\n\nThat's it. Docker Compose reads your `.env`, builds the image (installs Claude Code + Opencode inside), and starts the gateway. WhatsApp auth and memory are persisted in Docker volumes automatically.\n\n#### 5. Connect WhatsApp\n\nOpen `http:\u002F\u002FYOUR_DROPLET_IP:4096\u002Fqr` in your browser and scan with WhatsApp > Linked Devices.\n\n#### After deploy\n\n```bash\ndocker compose logs -f                          # live logs\ndocker compose down && docker compose up -d      # restart\ndocker compose exec openclaw sh                  # shell into container\ngit pull && docker compose up -d --build         # update\n```\n\n- **Health check:** `http:\u002F\u002FYOUR_DROPLET_IP:4096\u002F`\n- **Telegram:** works immediately if you set `TELEGRAM_BOT_TOKEN` in `.env`\n\n#### Troubleshooting deployment\n\n**Build gets killed (exit code 137):** Out of memory. Make sure you added swap (step 2).\n\n**Can't access `http:\u002F\u002FYOUR_IP:4096`:** Run `ufw allow 4096`. Also make sure you're using the **public IP** from the DigitalOcean dashboard, not the internal\u002Fprivate one (starts with `10.`).\n\n**WhatsApp QR page says \"Waiting...\":** The gateway is still starting. Check logs with `docker compose logs -f` and wait for `[Gateway] Ready`.\n\n**Claude exits with code 1:** Your `ANTHROPIC_API_KEY` is missing or wrong. Check with `docker compose exec openclaw env | grep ANTHROPIC`.\n\n**Private repo clone fails:** GitHub doesn't support password auth. Use a Personal Access Token: `git clone https:\u002F\u002FYOUR_TOKEN@github.com\u002F...`\n\n**Checking logs:**\n\n```bash\ndocker compose logs -f                          # all logs, live\ndocker compose logs -f --tail 50                # last 50 lines, then follow\ndocker compose logs openclaw 2>&1 | grep ERROR  # filter for errors\n```\n\n### Other VPS providers\n\nAny Linux VPS works (Hetzner, Vultr, AWS Lightsail). Same steps — SSH in, add swap if \u003C 2 GB RAM, install Docker, clone, `docker compose up`.\n\n### What Runs Where\n\n| Feature | Local | Remote |\n|---------|-------|--------|\n| Terminal chat | Yes | No |\n| Gateway (WhatsApp, Telegram, etc.) | Yes | Yes |\n| Memory | Yes | Yes (needs volume) |\n| Cron\u002Freminders | Yes | Yes |\n| Composio integrations | Yes | Yes |\n\n---\n\n## Providers\n\nSecure OpenClaw supports two AI providers:\n\n**Claude Agent SDK** — Anthropic's SDK. Uses your `ANTHROPIC_API_KEY`. Requires Claude Code installed. Models: Opus 4.6, Sonnet 4.5, Haiku 4.5.\n\n**Opencode** — open-source alternative. Requires Opencode installed. Runs a local server or connects to an existing one. Models: GPT-5 Nano, Big Pickle, GLM-4.7, Grok Code, MiniMax M2.1.\n\nSwitch providers from the CLI menu (option 7) or in `config.js`:\n\n```javascript\nagent: {\n  provider: 'claude',    \u002F\u002F or 'opencode'\n}\n```\n\nWhen using Opencode, the provider auto-detects whether a server is already running on the configured port. If one exists, it connects. If not, it starts one.\n\nUse `\u002Fmodel` during terminal chat to switch models within the active provider.\n\n---\n\n## Configuration\n\nAll settings live in `config.js`. Edit directly or use the setup wizard.\n\n```javascript\n{\n  agentId: 'secure-openclaw',\n\n  whatsapp: { enabled: true, allowedDMs: [...], allowedGroups: [...] },\n  telegram: { enabled: false, token: '', ... },\n  signal:   { enabled: false, phoneNumber: '', ... },\n  imessage: { enabled: false, ... },\n\n  agent: {\n    workspace: '~\u002Fsecure-openclaw',\n    maxTurns: 100,\n    allowedTools: ['Read', 'Write', 'Edit', 'Bash', 'Glob', 'Grep'],\n    provider: 'claude',\n    opencode: {\n      model: 'opencode\u002Fgpt-5-nano',\n      hostname: '127.0.0.1',\n      port: 4096\n    }\n  },\n\n}\n```\n\n### Security\n\nEach platform has an allowlist for DMs and groups. Set to `['*']` to allow all, or list specific IDs.\n\n```javascript\nwhatsapp: {\n  allowedDMs: ['+1234567890'],     \u002F\u002F only this number can DM\n  allowedGroups: ['*'],            \u002F\u002F all groups allowed\n  respondToMentionsOnly: true      \u002F\u002F in groups, only respond when @mentioned\n}\n```\n\nMessages from unrecognized senders are silently dropped.\n\n---\n\n## Messaging Platforms\n\n### WhatsApp\n\nUses QR code authentication. No bot token needed.\n\n1. Enable in config or run the setup wizard\n2. Start the gateway\n3. Scan the QR code that appears in your terminal (WhatsApp > Settings > Linked Devices)\n4. Session saves to `auth_whatsapp\u002F` — you only scan once\n\n### Telegram\n\n1. Message @BotFather on Telegram, send `\u002Fnewbot`, copy the token\n2. Add the token to config:\n\n```javascript\ntelegram: {\n  enabled: true,\n  token: 'YOUR_BOT_TOKEN',\n  allowedDMs: ['*'],\n}\n```\n\n3. Start the gateway, then message your bot\n\n### Signal\n\nRequires signal-cli to be installed and registered.\n\n```bash\nsignal-cli -u +1234567890 register\nsignal-cli -u +1234567890 verify CODE\n```\n\nThen configure:\n\n```javascript\nsignal: {\n  enabled: true,\n  phoneNumber: '+1234567890',\n  signalCliPath: 'signal-cli',\n}\n```\n\n### iMessage\n\nmacOS only. Requires the `imsg` CLI tool.\n\n```bash\nbrew install steipete\u002Fformulae\u002Fimsg\n```\n\nEnable in config. Make sure Messages.app is open and signed in.\n\n---\n\n## Tool Approvals\n\nThe gateway runs with permission mode `default`, which means the assistant asks for approval before using certain tools. When a tool needs approval:\n\n**In terminal chat:** the spinner pauses, the tool name and details are printed, and you type `y` or `n` to approve or deny.\n\n**On messaging platforms:** the assistant sends you a message like \"Claude wants to use Bash. Reply Y to allow, N to deny.\" Your next reply resolves the approval.\n\nIf the assistant uses `AskUserQuestion` to ask clarifying questions, these are formatted as numbered options. Reply with a number or type your answer.\n\nApprovals time out after 2 minutes with no response.\n\n---\n\n## Memory System\n\nPersistent memory stored at `~\u002Fsecure-openclaw\u002F`.\n\n```\n~\u002Fsecure-openclaw\u002F\n  MEMORY.md              — long-term: preferences, people, decisions\n  memory\u002F\n    YYYY-MM-DD.md        — daily logs\n    [topic].md           — topic-specific notes\n```\n\nMemory is loaded at the start of each conversation. The assistant writes to memory when you ask it to remember something. It does not proactively write memory on every message.\n\nUse the `\u002Fmemory` command in chat to view or search memories.\n\n---\n\n## Scheduling and Reminders\n\nThe assistant can schedule messages using cron tools.\n\n- \"Remind me in 30 minutes to check the oven\" — one-time delay\n- \"Every day at 9am, send me a standup reminder\" — cron expression `0 9 * * *`\n- \"Every weekday at 8am\" — cron expression `0 8 * * 1-5`\n\nJobs persist in `~\u002F.secure-openclaw\u002Fcron-jobs.json` and execute while the gateway is running.\n\n---\n\n## App Integrations\n\nComposio provides access to 500+ apps:\n\n- Gmail, Google Calendar, Google Sheets, Google Drive\n- Slack, Discord\n- GitHub, GitLab, Jira, Linear\n- Notion, Trello, Asana\n- Salesforce, HubSpot\n- Twitter\u002FX, LinkedIn\n- And many more\n\nJust ask: \"Send an email to john@example.com\", \"Create a GitHub issue for the login bug\", \"Add an event to my calendar for tomorrow at 3pm\".\n\nOn first use of an app, Composio provides an auth link. Click it to authorize, then the assistant can use that app going forward.\n\n---\n\n## Commands\n\n### CLI\n\n```bash\nnode cli.js              # interactive menu\nnode cli.js chat         # terminal chat\nnode cli.js start        # start gateway\nnode cli.js setup        # setup wizard\nnode cli.js config       # show config\nnode cli.js help         # help\n```\n\n### In Chat\n\n| Command | Description |\n|---------|-------------|\n| `\u002Fnew`, `\u002Freset` | Start a fresh conversation |\n| `\u002Fstatus` | Show session info |\n| `\u002Fmemory` | Show memory summary |\n| `\u002Fmemory list` | List all memory files |\n| `\u002Fmemory search \u003Cquery>` | Search memories |\n| `\u002Fmodel` | Switch model (terminal only) |\n| `\u002Fqueue` | Message queue status |\n| `\u002Fstop` | Stop current operation |\n| `\u002Fhelp` | Show commands |\n\n---\n\n## Troubleshooting\n\n**\"ANTHROPIC_API_KEY not set\"** — export the key in your shell or `.env` file.\n\n**\"claude: command not found\"** — Claude Code is not installed. Run `curl -fsSL https:\u002F\u002Fclaude.ai\u002Finstall.sh | bash`.\n\n**\"opencode: command not found\"** — Opencode is not installed. Run `curl -fsSL https:\u002F\u002Fopencode.ai\u002Finstall | bash`.\n\n**Composio not working** — make sure `COMPOSIO_API_KEY` is set. Run `composio login` and `composio whoami` to get your key.\n\n**WhatsApp QR not appearing** — delete `auth_whatsapp\u002F` and restart.\n\n**Telegram bot not responding** — verify the token, make sure you sent `\u002Fstart` to your bot, check `enabled: true`.\n\n**Signal not working** — verify signal-cli is installed, phone number is registered and includes country code.\n\n**iMessage not working** — macOS only. Check that Messages.app is open, imsg is installed (`which imsg`), and accessibility permissions are granted.\n\n**Opencode server failing** — if port 4096 is already in use from a previous run, kill the old process: `kill $(lsof -ti :4096)`. The provider auto-detects running servers, so usually this resolves itself.\n\n**Memory not persisting on remote** — make sure you have a persistent volume mounted at `\u002Fhome\u002Fclaw\u002Fsecure-openclaw`.\n\n---\n\n## Directory Structure\n\n```\nsecure-openclaw\u002F\n  config.js              configuration\n  cli.js                 CLI entry point (menu, terminal chat)\n  gateway.js             gateway process (messaging platforms)\n  Dockerfile             container build for remote deployment\n  adapters\u002F\n    base.js              base adapter class\n    whatsapp.js          WhatsApp via Baileys\n    telegram.js          Telegram via node-telegram-bot-api\n    signal.js            Signal via signal-cli\n    imessage.js          iMessage via imsg (macOS)\n  agent\u002F\n    claude-agent.js      agent with memory, cron, system prompt\n    runner.js            queue + run coordinator\n  providers\u002F\n    base-provider.js     provider interface\n    claude-provider.js   Claude Agent SDK provider\n    opencode-provider.js Opencode provider\n    index.js             provider registry\n  memory\u002F\n    manager.js           memory file management\n  tools\u002F\n    cron.js              scheduling tools\n    gateway.js           gateway MCP tools (send_message, etc.)\n  commands\u002F\n    handler.js           slash command handlers\n  sessions\u002F\n    manager.js           session tracking\n\n~\u002Fsecure-openclaw\u002F       workspace (created on first use)\n  MEMORY.md              long-term memory\n  memory\u002F                daily logs and topic files\n```\n\n---\n\n## Contributing\n\nWe welcome contributions! Here's how to get started:\n\n1. Fork the repo\n2. Create a branch (`git checkout -b feat\u002Fmy-feature`)\n3. Make your changes and commit (`git commit -m 'Add my feature'`)\n4. Push to your branch (`git push origin feat\u002Fmy-feature`)\n5. Open a Pull Request\n\nPlease keep PRs focused on a single change. If you're fixing a bug, include steps to reproduce. If you're adding a feature, explain the use case.\n\n---\n\n## Resources\n\n- [Claude Agent SDK Docs](https:\u002F\u002Fplatform.claude.com\u002Fdocs\u002Fen\u002Fagent-sdk\u002Foverview)\n- [Claude Code](https:\u002F\u002Fgithub.com\u002Fanthropics\u002Fclaude-code)\n- [Composio Docs](https:\u002F\u002Fdocs.composio.dev)\n- [Composio Tool Router](https:\u002F\u002Fdocs.composio.dev\u002Ftool-router\u002Foverview)\n- [Baileys (WhatsApp)](https:\u002F\u002Fgithub.com\u002FWhiskeySockets\u002FBaileys)\n\n---\n\n## Community\n\n- [Discord](https:\u002F\u002Fdiscord.gg\u002Fcomposio) — ask questions, share what you've built\n- [X \u002F Twitter](https:\u002F\u002Fx.com\u002Fcomposio) — follow for updates\n- [GitHub Issues](https:\u002F\u002Fgithub.com\u002FComposioHQ\u002Fsecure-openclaw\u002Fissues) — bug reports and feature requests\n- [GitHub Discussions](https:\u002F\u002Fgithub.com\u002FComposioHQ\u002Fsecure-openclaw\u002Fdiscussions) — ideas and Q&A\n\n---\n\n## License\n\nMIT\n","Secure OpenClaw 是一个基于消息平台的24x7个人AI助手，支持WhatsApp、Telegram、Signal和iMessage。该项目通过Claude AI提供全功能工具访问、持久化记忆、定时提醒以及与500多个应用程序的集成。其核心功能包括强大的安全机制、多平台兼容性和广泛的第三方服务整合能力。技术上，项目采用JavaScript编写，并利用了Claude Agent SDK和Composio Tool Router等先进技术来实现高效且灵活的任务处理。适合需要跨平台智能助手支持的个人用户或小型团队使用，尤其适用于希望通过常用聊天工具获得个性化服务与自动化任务管理的场景。","2026-06-11 03:50:04","high_star"]