OpenClaw Quickstart

Goal: get to a useful protected OpenClaw session quickly, then add SDE-PDP when you need managed governance.

Start with the packaged plugin artifact for standalone local hardening. Add the hardened SDE deployment profile when you need PDP-backed enforcement.

1) Install Plugin

openclaw plugins install /path/to/openclaw-trusted-mode-1.0.0.tgz
openclaw plugins info openclaw-trusted-mode

Default standalone posture:

{
  "toolPolicyMode": "ALLOWLIST_ONLY",
  "allowedTools": ["read_file", "list_files", "search_files"]
}

In this free mode, shell execution via exec and file write/delete actions are blocked locally.

2) Optional: Deploy SDE-PDP

docker compose -f ops/docker-compose.pdp.yml -f ops/docker-compose.pdp.hardened.yml up --build -d
curl -s http://localhost:8001/healthz

3) Optional: Run Trusted Mode Check

powershell -ExecutionPolicy Bypass -File scripts\first_success_smoke.ps1
Get-Content .\verify.md

The release verification bundle documents the PDP-backed runtime proof, including the observed shell tool ID exec and the enforced deny path.

Request an Evidence Pack