About ClawChart

OpenClaw is a powerful open-source framework for running AI agents across messaging platforms like Telegram, Discord, Slack, and WhatsApp. But configuring it requires editing a complex JSON file by hand — one misplaced comma breaks the entire setup. Deploying it means wrestling with SSH, Docker, firewalls, SSL certificates, and DNS records. And securing it requires expertise that most users simply don't have.

ClawChart was built to solve these problems. We provide a free, browser-based visual editor that turns your openclaw.json into an interactive node graph — making it easy to understand, edit, audit, and share your agent configuration without touching raw JSON.

For users who want to go further, our 1-Click Launch service deploys your configuration to a dedicated, hardened VPS server in under three minutes. Every deployment includes 8 published security layers — from SSH hardening and UFW firewalls to Docker isolation and automatic SSL. No terminal required. No security expertise needed.

We believe that running AI agents should be accessible to everyone, not just DevOps engineers. And we believe that security should be transparent, not hidden behind a black box. That's why we publish every security layer we apply and give every user a free A–F security grade for their configuration.

Thousands of OpenClaw instances are running on the internet with default configurations that leave critical ports exposed, Docker containers running as root, and no firewall rules in place. Most hosting providers don't tell you what security measures they apply — or whether they apply any at all.

We take a different approach. Every ClawChart deployment receives 8 published security layers, and we document exactly what each one does:

1. SSH Hardening — Root login disabled, password authentication disabled, non-standard port, maximum 3 login attempts
2. UFW Firewall — Only ports 80 (HTTP), 443 (HTTPS), and SSH are open. The OpenClaw gateway port (18789) is never exposed to the internet
3. Fail2Ban — Automatically bans IP addresses after 5 failed SSH login attempts for one hour
4. Automatic Updates — Daily security patches via unattended-upgrades ensure your server stays current
5. Docker Isolation — Containers run as non-root users with all Linux capabilities dropped and no-new-privileges enforced
6. Secrets Management — API keys are stored as environment variables with file permissions restricted to 600/700. Keys are encrypted with AES-256-GCM in transit
7. Caddy Reverse Proxy — The OpenClaw gateway is bound to localhost only. Caddy handles HTTPS with automatic SSL certificate provisioning and HSTS headers
8. OpenClaw App Config — Pairing-only DM policy, workspace-only filesystem access, exec tool denied by default

We believe security through transparency is stronger than security through obscurity. When you know exactly what protects your server, you can make informed decisions about your infrastructure.

The ClawChart visualizer, security audit, skills directory, and shareable links are completely free and always will be. No account required, no data collected, no limitations.

Our 1-Click Launch deployment service starts at $9.99/month for a dedicated Hetzner VPS with full security hardening. We offer three tiers based on your needs:

• Starter ($9.99/mo) — 2 vCPU, 4GB RAM, 40GB storage. Up to 2 agents on 1 channel. Ideal for personal AI assistants.
• Pro ($19.99/mo) — 4 vCPU, 8GB RAM, 80GB storage. Up to 5 agents across 3 channels. Daily automated backups and auto-upgrade.
• Power ($39.99/mo) — 8 vCPU, 16GB RAM, 160GB storage. Up to 10 agents across 5 channels. Priority support and auto-upgrade.

Every tier includes the same 8-layer security hardening, auto-SSL, reverse proxy, and config portability. There are no hidden fees, no setup costs, and no long-term contracts. Cancel anytime.

Have questions, feedback, or partnership inquiries? We'd love to hear from you.

• Email: hello@clawchart.xyz

For technical support with your deployment, check our FAQ first — it covers the most common questions about configuration, security audits, skills, and deployment.