Is your OpenClaw instance visible to attackers?
If your OpenClaw instance is reachable from the internet — running on a VPS, cloud server, or port-forwarded from your network — Declaw shows you exactly what an attacker can see. Scored security report in 90 seconds. No installation, fully read-only.
Is Declaw right for you?
Declaw is for you if:
- ✓ Your OpenClaw instance runs on a VPS or cloud server
- ✓ You've port-forwarded OpenClaw to access it remotely
- ✓ Your instance has a public IP or domain name
- ✓ You're running OpenClaw on company or team infrastructure
- ✓ You're not sure if your instance is exposed or not
Not the right fit if:
- OpenClaw only runs on localhost with no internet access
- You only use OpenClaw through Discord or another chat interface
- You need a local config audit (API keys, agent permissions, secrets)
Declaw scans from the outside, like an attacker would. For local configuration auditing, see openclaw doctor.
6 categories, one report
Every scan probes your instance across six categories, simulating what a real attacker would check first.
Network Exposure
Open ports, service banners, reverse proxy detection
Authentication
CVE regression, unauthenticated access, rate limiting
TLS / SSL
Protocol versions, cipher suites, certificate health
Security Headers
HSTS, CSP, CORS, information disclosure headers
Shodan Intelligence
Public indexing, CVE annotations, historical exposure
Information Disclosure
Sensitive paths, version leaks, error verbosity
How it works
Paste your public URL
Enter the URL where your OpenClaw instance is reachable from the internet. Usually http://your-ip:18789.
Watch the scan
Six scanner modules probe your instance from our servers, simulating an external attacker. See findings in real time.
Get your report
A 0-100 security score with severity ratings, evidence, and a prioritized remediation plan you can act on immediately.