INSTALLATION GUIDE

OPENCLAW SHIELD SETUP

Install OpenClaw Shield in under a minute. One command to install, four alarms deployed automatically, zero configuration required.

// 001

PREREQUISITES

BEFORE YOU START

Before installing OpenClaw Shield, make sure you have the following in place:

OPENCLAW RUNNING-- You need a running OpenClaw instance. Shield monitors an existing installation; it does not install OpenClaw for you.

LINUX / MACOS / DOCKER-- Shield supports Ubuntu 20.04+, Debian 11+, CentOS 8+, Fedora 36+, macOS 12+ (Intel and Apple Silicon), and Docker. Windows support is on the roadmap.

NETWORK ACCESS-- The agent needs outbound HTTPS access to api.agentdefenders.ai on port 443 for sending alerts and receiving configuration updates.

No root access is required for installation. The agent runs as a user-level process.

// 002

INSTALL OPENCLAW SHIELD

30 SECONDS

Run the following command on the machine where your OpenClaw instance is running. The installer downloads the Shield agent, configures it to monitor your OpenClaw instance, and starts the monitoring process.

TERMINAL

$ curl -fsSL https://get.agentdefenders.ai/install | bash

The installer will prompt you for your API key. You can find your API key in the Shield Dashboard Settings page.

If you are running OpenClaw in Docker, you can run Shield as a sidecar container instead. See the Docker installation section on the OpenClaw Shield product page for Docker-specific instructions.

// 003

VERIFY AGENT CONNECTED

1 MINUTE

After installation, verify that the agent is connected and reporting to the Shield Dashboard.

01
Open the Shield Dashboard
02
Navigate to the Agents section. Your agent should appear with a green "ONLINE" status within 30 seconds of installation.
03
If the agent shows as "OFFLINE", check the troubleshooting section below.

The agent sends a heartbeat every 30 seconds. If the dashboard does not show your agent within 60 seconds, check network connectivity and API key configuration.

// 004

VERIFY ALARMS DEPLOYED

AUTOMATIC

Once the agent connects, four OpenClaw-specific alarms deploy automatically. You can verify this in two ways:

DASHBOARD

Check the Alarms section in the Shield Dashboard. You should see four alarms listed: Configuration Monitor, Credentials Monitor, Gateway Monitor, and System Prompt Monitor. All four should show a green "ACTIVE" status.

TRAFFIC LIGHT

The traffic light indicator on your dashboard will show your current security posture. Green means all alarms are deployed and no threats detected. Yellow or red means action items were found during the initial scan.

If any alarm shows as inactive, the agent may not have permission to monitor the relevant files or ports. See the troubleshooting guide.

// 005

TROUBLESHOOTING

Common issues during installation and how to resolve them:

AGENT NOT CONNECTING

The agent cannot reach api.agentdefenders.ai. Check the following:

-Verify outbound HTTPS on port 443 is allowed by your firewall
-Verify your API key is correct (check for trailing whitespace)
-Check DNS resolution: run "nslookup api.agentdefenders.ai"

PERMISSION ISSUES

The agent cannot read OpenClaw configuration or data files:

-Make sure the agent runs as the same user as OpenClaw, or a user with read access to OpenClaw config and data directories
-If running in Docker, ensure the Shield container has access to the OpenClaw volumes

For additional help, see the full troubleshooting guide or contact support@agentdefenders.ai

Ready to install? Copy the command and run it now.