
LobsterLair
LiveAI-included hosting with MiniMax M2.1 model and 48-hour free trial
Security Score: 9.7/100 — Basic
LobsterLair is a small, single-operator managed OpenClaw hosting service (Banalabs / Tobias Bischoff) with some basic security hygiene (TLS 1.3, security headers, claimed AES-256-GCM credential encryption, Docker isolation). Its security posture is almost entirely claim-based, with no independent verification. The provider is registered at a Hong Kong mail-forwarding address while its Terms specify German governing law, which raises an accountability concern. The Terms and the marketing copy make contradictory statements about API keys. The data export feature is a positive. Overall basic tier: documented claims, minimal verifiable evidence.
10 risk categories scored 1-10 × evidence weight. Based on our methodology, grounded in OWASP Agentic Security, NIST CSF 2.0, and CIS Controls.
Privacy policy claims 'Isolated Docker containers per user' and 'Encryption in transit (TLS/SSL)' with per-user access control via Telegram User ID. No documentation of employee access controls, audit trail for data access, or data-at-rest encryption beyond API keys. 'Only you can talk to your bot' addresses single-tenancy at Telegram layer but not infrastructure layer.
No mention of prompt injection protections, input sanitization, or separation of instructions from external data. No sandboxing beyond basic Docker — no gVisor, Firecracker, etc. No human-in-the-loop for goal changes or code execution. Memory feature ('Your bot learns your preferences') has no documented integrity protection against poisoning.
Privacy policy: 'API keys encrypted with AES-256-GCM' and 'Telegram bot tokens (encrypted).' FAQ reiterates encryption claim. However, no key management practices (HSM, rotation, who holds keys), no credential leak detection in outputs, no documentation on whether credentials appear in logs. Specific claims but unverifiable without audit.
No guardrails: no spending caps, rate limiting details, tool gating, kill switch, or behavioral monitoring. FAQ mentions 'strict resource limits' on containers but this addresses compute, not agent behavioral boundaries. Complete absence of rogue-agent protections.
FAQ: 'Data is retained for 30 days in case you resubscribe' and 'Download My Data button to export all your bot's configuration and workspace data as a ZIP file.' Meaningful data portability. No documented backups, backup testing, disaster recovery plan, or status page. Terms: 'We strive to maintain 24/7 uptime but do not guarantee uninterrupted service.' Provider is registered at a HK mail-forwarding address.
Clear pricing: a single $19/month plan with a 48-hour free trial and no credit card required. However, the Terms make users responsible for 'All costs associated with your AI provider API usage' while the homepage claims 'AI included — no API key needed', a contradiction that leaves the user's actual cost exposure unclear. No spending caps or usage alerts. Price changes are signalled only by the Terms' 'Last updated' date.
Privacy policy has GDPR section with 30-day response commitment. Terms specify German governing law. However, provider address is HK mail forwarding ('C/O SEKO 13C Por Mee Fty Bldg') — jurisdiction mismatch. No incident response, breach notification timeline, audit logging, or security monitoring. Entity 'Banalabs' has minimal public presence. No security.txt.
FAQ: 'We review every OpenClaw update for security issues before deploying' and updates 'go through our security review process.' A meaningful claim but unverifiable: no review details, no SBOM, no dependency scanning. Uses MiniMax (M2.5 here; M2.1 elsewhere on this listing) as the AI provider, with no documented policy on how that provider handles user data. No MCP server or tool vetting.
Strong HTTP headers verified: HSTS with preload, X-Frame-Options, X-Content-Type-Options, CSP, Permissions-Policy. TLS 1.3. Google OAuth available. However, the CSP allows 'unsafe-inline' and 'unsafe-eval', which largely negates its protection against injected script. No MFA beyond what Google's own login provides. No rate limiting on login, no session management details, no independent security testing.
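The header finding above is the kind of check that can be repeated mechanically. The following is an added example written for this review, not code from LobsterLair or OpenClaw. It parses a Content-Security-Policy into directives, applies the default-src fallback, and flags the weakenings that matter for script injection ('unsafe-inline' without a nonce or hash, 'unsafe-eval', wildcard origins), alongside HSTS, nosniff and clickjacking checks. The sample header set is constructed to mirror the findings reported on this page; it was not captured from the live site.

```python
"""Audit HTTP security headers (stdlib only). Headers dict -> list of findings."""
from __future__ import annotations

import re

ONE_YEAR = 31536000
HASH_OR_NONCE = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")


def parse_csp(value: str) -> dict[str, list[str]]:
    """Split a CSP string into {directive: [source expressions]} (lowercased)."""
    policy: dict[str, list[str]] = {}
    for part in value.split(";"):
        tokens = part.strip().split()
        if tokens:
            policy.setdefault(tokens[0].lower(), []).extend(t.lower() for t in tokens[1:])
    return policy


def effective_sources(policy: dict[str, list[str]], directive: str) -> list[str]:
    """Fetch directives such as script-src fall back to default-src when absent."""
    return policy[directive] if directive in policy else policy.get("default-src", [])


def audit_headers(headers: dict[str, str]) -> list[tuple[str, str]]:
    """Return (severity, finding) tuples; an empty list means nothing flagged."""
    h = {k.lower(): v for k, v in headers.items()}
    findings: list[tuple[str, str]] = []

    hsts = h.get("strict-transport-security", "")
    age = re.search(r"max-age=(\d+)", hsts)
    if not age:
        findings.append(("high", "HSTS missing"))
    else:
        if int(age.group(1)) < ONE_YEAR:
            findings.append(("medium", "HSTS max-age below one year"))
        if "includesubdomains" not in hsts.lower():
            findings.append(("low", "HSTS lacks includeSubDomains"))
        if "preload" not in hsts.lower():
            findings.append(("low", "HSTS lacks preload"))

    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append(("low", "X-Content-Type-Options is not nosniff"))

    csp_raw = h.get("content-security-policy")
    policy = parse_csp(csp_raw) if csp_raw is not None else {}
    if csp_raw is None:
        findings.append(("high", "CSP missing"))
    else:
        script = effective_sources(policy, "script-src")
        # Browsers ignore 'unsafe-inline' when a nonce or hash is also present,
        # so only flag it when it is actually in effect.
        if "'unsafe-inline'" in script and not any(s.startswith(HASH_OR_NONCE) for s in script):
            findings.append(("high", "script-src allows 'unsafe-inline': injected inline script executes"))
        if "'unsafe-eval'" in script:
            findings.append(("medium", "script-src allows 'unsafe-eval': eval()/Function() on attacker strings permitted"))
        if "*" in script or "https:" in script:
            findings.append(("medium", "script-src allows any origin"))

    xfo = h.get("x-frame-options", "").upper()
    if "frame-ancestors" not in policy and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(("medium", "no clickjacking protection (frame-ancestors / X-Frame-Options)"))

    return findings


# Constructed sample modelled on the findings above; not captured from the live site.
SAMPLE_HEADERS = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
    "X-Frame-Options": "DENY",
    "X-Content-Type-Options": "nosniff",
    "Permissions-Policy": "camera=(), microphone=(), geolocation=()",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; "
                               "style-src 'self' 'unsafe-inline'; object-src 'none'",
}

# What the same policy looks like with inline script moved behind a nonce (hypothetical value).
HARDENED_CSP = ("default-src 'self'; script-src 'self' 'nonce-r4nd0m'; style-src 'self'; "
                "object-src 'none'; frame-ancestors 'none'")

if __name__ == "__main__":
    for sev, msg in audit_headers(SAMPLE_HEADERS):
        print(f"[{sev}] {msg}")
    print("hardened:", audit_headers({**SAMPLE_HEADERS, "Content-Security-Policy": HARDENED_CSP}))
```

Run against the constructed sample this reports exactly the two CSP weaknesses noted above and nothing else; swapping in the nonce-based policy clears both. To use it on a real host, fetch the response headers with urllib and pass `dict(resp.headers)`.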
No protections against hallucinations, output manipulation, or trust exploitation. No approval workflows, verification mechanisms, undo/rollback, or transparency about AI uncertainty. A notable gap for a platform that encourages email-drafting and shopping use cases.
Key Features
- ✓ AI model included (MiniMax M2.1)
- ✓ No BYOK required
- ✓ 48-hour free trial
- ✓ One-click deployment
- ✓ Persistent storage
Integrations
Strengths
- + AI included — no API keys needed
- + 48-hour free trial
- + Simple single-tier pricing
Weaknesses
- − Telegram-only integration
- − MiniMax M2.1 is less capable than Claude/GPT
- − Limited feature set
- − New provider, limited track record
Verdict
Simple option with AI included. The free trial is nice, but the included model (MiniMax M2.1) is less capable than mainstream alternatives.