Security Check
Filesystem Restriction: Confine File Access
By default, OpenClaw's filesystem tools (read, write, edit) can access any file the OS user can read. Setting workspaceOnly restricts this to the agent's workspace directory.
Why It Matters
Unrestricted filesystem access lets a compromised agent read SSH keys, .env files, browser cookies, and other sensitive data anywhere on the machine. Workspace restriction prevents lateral file access.
How to Fix
Set tools.fs.workspaceOnly to true. This confines read/write/edit operations to the agent workspace. The example below also sets tools.exec.applyPatch.workspaceOnly to true.
openclaw.json
{
  "tools": {
    "fs": {
      "workspaceOnly": true
    },
    "exec": {
      "applyPatch": {
        "workspaceOnly": true
      }
    }
  }
}
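One way to verify the setting, as an added example that is not OpenClaw's own code: the Python check below parses the text of an openclaw.json and reports any of the two keys shown above that is missing or not the boolean true. It assumes the file is strict JSON as on this page; audit and lookup are hypothetical helper names, and the sample inputs are constructed.

```python
import json

# The two settings shown in the page's openclaw.json.
REQUIRED = [
    ("tools", "fs", "workspaceOnly"),
    ("tools", "exec", "applyPatch", "workspaceOnly"),
]

_MISSING = object()


def lookup(config, path):
    """Walk nested objects; return _MISSING if a segment is absent or not an object."""
    node = config
    for key in path:
        if not isinstance(node, dict) or key not in node:
            return _MISSING
        node = node[key]
    return node


def audit(config_text):
    """Return (dotted_key, problem) findings; an empty list means both keys are true."""
    try:
        config = json.loads(config_text)
    except json.JSONDecodeError as exc:
        return [("<file>", f"not valid JSON: {exc.msg}")]
    findings = []
    for path in REQUIRED:
        dotted = ".".join(path)
        value = lookup(config, path)
        if value is _MISSING:
            findings.append((dotted, "not set"))
        elif value is not True:
            # A string "true" or the number 1 is not the boolean the page's config uses.
            findings.append((dotted, f"is {value!r}, expected boolean true"))
    return findings


# Constructed sample inputs (not taken from a real deployment).
HARDENED = ('{"tools": {"fs": {"workspaceOnly": true},'
            ' "exec": {"applyPatch": {"workspaceOnly": true}}}}')
PARTIAL = '{"tools": {"fs": {"workspaceOnly": "true"}}}'

if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("partial", PARTIAL)):
        print(name, audit(text) or "OK")
```
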