SkillAgentSearch skills...

Openclawenterprise

OpenClaw Enterprise — zero-trust AI agent platform with IAM/RBAC, audit logging, Vault/AWS/GCP/Azure secrets, Kubernetes Helm chart, and viral install scripts. MIT licensed.

GenerateConvertImprove

Install / Use

/learn @mholovetskyi/Openclawenterprise
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

🦞 OpenClaw Enterprise

<p align="center"> <picture> <source media="(prefers-color-scheme: dark)" srcset="docs/assets/openclaw-enterprise-logo.png"> <source media="(prefers-color-scheme: light)" srcset="docs/assets/openclaw-enterprise-logo.png"> <img src="docs/assets/openclaw-enterprise-logo.png" alt="OpenClaw Enterprise" width="680"> </picture> </p> <p align="center"> <strong>The enterprise layer for OpenClaw — zero-trust, compliance-ready, MIT licensed.</strong><br> Built on top of the platform you already love. No subscriptions. No lock-in. </p> <p align="center"> <a href="https://github.com/openclaw/openclaw/actions/workflows/ci.yml?branch=main"> <img src="https://img.shields.io/github/actions/workflow/status/openclaw/openclaw/ci.yml?branch=main&style=for-the-badge" alt="CI"> </a> <a href="https://github.com/openclaw/openclaw/releases"> <img src="https://img.shields.io/github/v/release/openclaw/openclaw?include_prereleases&style=for-the-badge" alt="Release"> </a> <a href="LICENSE"> <img src="https://img.shields.io/badge/License-MIT-blue.svg?style=for-the-badge" alt="MIT"> </a> <a href="https://discord.gg/clawd"> <img src="https://img.shields.io/discord/1456350064065904867?label=Discord&logo=discord&logoColor=white&color=5865F2&style=for-the-badge" alt="Discord"> </a> <a href="https://github.com/openclaw/openclaw/stargazers"> <img src="https://img.shields.io/github/stars/openclaw/openclaw?style=for-the-badge&color=gold" alt="Stars"> </a> </p> <p align="center"> <a href="#built-since-gtc">Built since GTC</a> · <a href="#install">Install</a> · <a href="#where-openclaw-stops">Enterprise gap</a> · <a href="#zero-trust-gateway">Security</a> · <a href="#secret-management">Secrets</a> · <a href="#iam--rbac">IAM</a> · <a href="#oidc--sso">OIDC/SSO</a> · <a href="#mfa--totp">MFA</a> · <a href="#audit-logging--compliance">Audit</a> · <a href="#gdpr-compliance-art-17--art-20">GDPR</a> · <a href="#distributed-cluster">Cluster</a> · <a href="#kubernetes">Kubernetes</a> · <a href="#connecting-to-enterprise-messaging">Channels</a> · <a href="#nvidia-ai-infrastructure">NVIDIA</a> · <a href="#test-suite--quality-assurance">Tests</a> · <a href="docs/enterprise/">Docs</a> </p>

OpenClaw is one of the most capable open-source AI agent platforms available. With 216,000 GitHub stars, it excels at personal productivity and small-team automation: connecting your AI to WhatsApp, Telegram, Discord, and 14 other channels, running browser automation, managing calendars, and orchestrating complex multi-step tasks from a single self-hosted gateway. For individuals and small teams, it's outstanding.

Enterprise deployments have a different set of requirements. Regulated industries need audit trails, access control, and encrypted credential storage. Platform teams need Prometheus metrics and Kubernetes-native deployment. Security-conscious organizations need runtime guardrails, prompt injection defenses, and supply chain verification for third-party skills. These aren't gaps in OpenClaw's quality — they're simply outside its design scope as a personal-use tool.

OpenClaw Enterprise adds the complete enterprise stack on top of the OpenClaw foundation. Every enterprise feature is an opt-in module (enterprise.enabled: true). In community mode the binary is identical and there is no performance overhead. 100% MIT-licensed. Zero subscriptions.

Built since GTC

The gap between "demo-ready" and "enterprise-ready" is enormous. We closed it.

Since NVIDIA GTC, OpenClaw Enterprise has shipped a production-ready, MIT-licensed enterprise stack — zero subscriptions, zero lock-in. Every feature is opt-in with zero overhead when disabled. Here's what landed:

NVIDIA-native AI infrastructure

  • NVIDIA NIM — first-class inference provider with OpenAI-compatible endpoints, health checks, and retry logic
  • NemoClaw Enterprise — sandboxed inference with OpenShell containers, privacy routing, and 3 deployment profiles (nvidia-cloud, local-nim, vllm)
  • GPU telemetry — nvidia-smi polling with Prometheus export and configurable alert thresholds
  • Nemotron 3 model family — Super 120B, Nano 30B, and Super 49B supported out of the box
  • NVIDIA guardrails — thinking budget limits, per-user/per-tenant cost caps, RBAC-based model routing

Zero-trust security stack

  • Encrypted secrets — AES-256-GCM at rest, 6 backends (Vault, AWS SM, GCP SM, Azure KV, OCI Vault, env)
  • Full RBAC — Users, Groups, Roles, Permissions with JWT (RS256/HS256), MFA/TOTP, API keys
  • OIDC/SSO — Okta, Azure AD, Google Workspace, Auth0, Keycloak, Palantir Foundry
  • Runtime guardrails — credential harvest detection, reverse shell blocking, PII scanning, mass-deletion prevention
  • Input sanitization — Unicode normalization, invisible character stripping, 8 prompt injection pattern families
  • Supply chain security — Ed25519 code signing, 14-rule SAST scanner (CWE/OWASP), pre-install approval gates
  • Network controls — IP allowlisting (CIDR, IPv4/IPv6), token-bucket rate limiting

Compliance and observability

  • Tamper-evident audit — SHA-256 hash-chain logging, SQLite or PostgreSQL, ULID event IDs
  • External sinks — Syslog (RFC 5424), webhook batching, Palantir Foundry streaming, OCI Streaming
  • Prometheus — 20+ metrics, Kubernetes health probes (/healthz, /readyz, /startupz)
  • GDPR — data export (Art. 20) and erasure (Art. 17), SOC 2 / HIPAA / PCI DSS mapping
  • Container security — SBOM generation (SPDX), image signing (cosign), vulnerability scanning (Trivy)

Enterprise integrations

  • Palantir Foundry — audit streaming, OIDC preset, Compute Module deployment
  • Oracle Cloud — MCP bridge to Autonomous Database, OCI Vault secrets, OCI Streaming audit, Agent Spec export
  • Multi-tenancy — AsyncLocalStorage isolation with per-tenant rate limits, quotas, and audit
  • Cluster mode — Redis-based coordination with heartbeat protocol for multi-gateway deployments

Platform

  • 16 messaging channels — WhatsApp, Telegram, Discord, Slack, Signal, iMessage, Matrix, and more
  • Embedded Pi agent runtime — context pruning, auth profile rotation, multi-agent orchestration
  • Integration SDK — plugin loader, scaffolding CLI, reference integrations
  • 396 tests across 22 test files — every enterprise subsystem covered

All of this — open source, MIT licensed, self-hostable anywhere.

Install

OpenClaw Enterprise is a source-available fork — build it from this repository. Requires Node.js ≥22.12.0 and pnpm.

# 1. Clone the enterprise fork
git clone https://github.com/mholovetskyi/openclawenterprise.git
cd openclawenterprise

# 2. Install dependencies and build
pnpm install
pnpm build

# 3. First-time setup (config, daemon, shell completion)
pnpm openclaw onboard --install-daemon

# 4. Start the gateway
pnpm gateway:watch

Node.js ≥22.12.0 is required. Install via fnm (fnm install 22), nvm, or the official installer.

Looking for the community edition? npm install -g openclaw@latest — no build step needed.

Where OpenClaw stops

OpenClaw is purpose-built for personal and small-team use. It does that job exceptionally well. When organizations try to deploy it in regulated or security-sensitive environments, they consistently hit the same eight gaps — not because OpenClaw is flawed, but because these requirements are simply out of scope for a personal tool.

OpenClaw Enterprise closes each gap without touching the core.

1. Network exposure is opt-in, not accidental

OpenClaw's gateway binds to all interfaces (0.0.0.0) in LAN mode — the right default for a personal assistant you're sharing on your home network. In a corporate environment, that exposes the gateway to every host on the subnet without any warning.

Enterprise adds: Strict loopback-only default. Every non-loopback bind emits a prominent warning with the exact address. The dangerouslyBindAllInterfaces flag must be set explicitly. (src/gateway/net.ts)

2. Credentials need to be encrypted at rest

OpenClaw stores API keys, OAuth tokens, and webhook secrets in ~/.openclaw/credentials — a plaintext file, which is the right trade-off for a personal tool where simplicity beats vault complexity. On a shared server or a machine that generates bug reports, plaintext secrets are a liability.

Enterprise adds: AES-256-GCM encrypted file backend with the master key in the OS keychain. HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager, Azure Key Vault, and OCI Vault are all supported. Existing credentials auto-migrate. (src/enterprise/secrets/)

3. Not every client should have full operator access

OpenClaw's gateway authenticates with a single shared token — you either have it or you don't. That's fine for personal use. It doesn't work when you have developers, read-only dashboards, and automated service accounts all connecting to the same gateway.

Enterprise adds: Full RBAC with 5 built-in roles, wildcard permissions, group inheritance, JWT RS256/HS256, and API key management. (src/enterprise/iam/)

4. Regulated industries require audit trails

OpenClaw doesn't log who connected, what ran, or what data was accessed — there's no reason it should for personal use. SOC 2 CC6/CC7, HIPAA §164.312(b), and PCI DSS 10 all require this record.

Enterprise adds: Tamper-evident SHA-256 hash-chain audit log covering auth events, agent runs, tool executions, guardrail blocks, and injection detections. (src/enterprise/audit/)

5. Untrusted channel messages need sanitization

OpenClaw sends channel messages directly to the model — exactly the right behavior when you trust the people messaging your personal assistant. When

mholovetskyi

View profile

View on GitHub
GitHub Stars29
CategoryDevelopment
Updated6d ago
Forks9
mholovetskyi/openclawenterprise

Languages

TypeScript

Security Score

90/100

Audited on Mar 31, 2026

No findings