
ClawRun
Live
One-click OpenClaw deployment on dedicated VPS infrastructure
Security Score: 4.7/100 — Basic
ClawRun is a very young VPS provisioning service (launched Feb 8, 2026) for OpenClaw. Likely the same operator as ClawHost Cloud (bfzli), based on a ToS email mismatch. The dedicated-VPS model gives structural tenant isolation. Transparent fixed pricing is a genuine positive. However, it has zero documented security practices, no security page, no docs, no public GitHub, no MFA, no backups yet, and no incident response. Privacy/ToS appear to be copy-pasted templates from ClawHost Cloud. Early-stage infrastructure tool with minimal security maturity.
10 risk categories scored 1-10 × evidence weight. Based on our methodology, grounded in OWASP Agentic Security, NIST CSF 2.0, and CIS Controls.
Dedicated VPS per user provides inherent single-tenant isolation. Claims '100% Owned Data — Your own server, your data. No shared infrastructure, no logs, no third parties.' No documentation on what data ClawRun retains on its management platform, no encryption-at-rest details, generic boilerplate privacy policy.
No mention of prompt injection defenses, sandboxing, human-in-the-loop, memory integrity, or container escape prevention. Service provides raw VPS with OpenClaw — all protections depend on user configuration. Zero guidance on securing agents.
No info on credential handling. Users get root SSH to own VPS, shifting responsibility to them. No credential management tools, vault, leak detection, or guidance. Management platform collects email/payment with no security details.
No rate limiting, spending caps, kill switches, monitoring, or guardrails. Explicitly markets 'Full access to OpenClaw and the VPS, with no limits on what you can achieve' — unlimited capability, zero safety.
Backups explicitly listed as upcoming ('Server snapshots for backup and restore'). Not available yet. No data export documented. ToS: 'modify, suspend, or discontinue any part of the Service at any time with or without notice.' Platform 9 days old. No SLA.
Transparent pricing: 20+ configs from $10/mo to $350/mo with clear specs. Fixed monthly billing, cancel anytime. 'Pricing based on what you need. No forced high bills.' No usage-based surprises. However, no spending caps for API usage on deployed OpenClaw.
No audit logging, incident response, breach notification, or security monitoring. ToS contact email mismatch (legal@clawhost.cloud vs legal@clawrun.dev) — documents appear to be hastily adapted templates. No company registration, address, or team info.
No dependency scanning, SBOM, tool vetting, or update verification. 'Auto-Updates' claims servers 'automatically kept up to date' with no validation details. Auto-updating without documented verification is itself a supply chain risk. No public GitHub repos.
Magic-link email auth only, no MFA. HTTPS/TLS. 'Secure' feature vaguely claims 'Protected by default from SSL vulnerabilities, malware, and common security threats' — no specifics. No security.txt, no pen testing, no independent audit. Platform is 9 days old.
No hallucination mitigation, output verification, approval workflows, undo/rollback, or AI uncertainty guardrails. Purely infrastructure — no trust layer on top of OpenClaw.
Key Features
- ✓ One-click deployment
- ✓ 15+ global locations
- ✓ 25+ servers
- ✓ Full SSH access
- ✓ Auto-updates
- ✓ Manage multiple instances
Strengths
- + Full server ownership
- + Transparent VPS-based pricing
- + Multiple global locations
- + Auto-updates included
Weaknesses
- − No messaging integrations — raw VPS with subdomain access only
- − Security is your responsibility
- − Similar feature set to other VPS-based providers
Verdict
Raw VPS hosting with one-click OpenClaw deployment and 15+ global locations. Full server ownership but no messaging integrations — you configure those yourself.