OpenClawHosting.io

Self-hosted (BYOS) architecture is the primary mitigation: 'Conversations, files, and agent memory live exclusively on your hardware. No telemetry leaves the box unless you configure it.' Privacy policy: 'never read, store, or analyze your AI agent conversations' and 'never train AI models on your data.' Features page claims 'Encrypted storage for credentials and conversation history.' However, the platform maintains 'a secure management connection for applying updates and health checks.' No log sanitization or employee access audit trail details.

Features page claims 'Sandboxed execution: agent actions run in isolated containers' and 'Per-tool permission controls: approve what the agent can touch.' The upstream OpenClaw GitHub SECURITY.md references Docker sandboxing: 'docker run --read-only --cap-drop=ALL.' No mention of prompt injection defenses, memory integrity protection, or human-in-the-loop for goal changes on the hosting platform itself.

Features page describes 'AES-256 encrypted vault with automatic rotation. No plaintext credentials in config files.' GitHub SECURITY.md references 'detect-secrets' for CI/CD scanning. Features page claims 'Encrypted storage for credentials and conversation history.' No credential leak detection in outputs or documentation on credentials being excluded from AI model context.

Features page mentions 'Per-tool permission controls: approve what the agent can touch.' GitHub README references DM access controls. No spending caps, rate limiting, resource consumption limits, kill switches, or behavioral monitoring documented.

Self-hosted page: 'Portable Backups: Export your entire OpenClaw state as a single archive. Restore on a different provider in minutes.' Data export addressed. Terms allow 30-day data request after termination. Self-hosted FAQ: 'Your server and data remain yours' even if you stop paying. No tested backup verification, circuit breakers, or SLA. Status page doesn't resolve.

Four tiers at $29/$49/$149/$399/mo clearly separated from infrastructure costs. 'Transparent rates with zero surprise charges.' Terms: '30 days notice' for price changes. Prorated billing. No hard spending caps on AI usage, no usage monitoring alerts.

Features page claims 'Immutable audit log of every agent action.' Privacy policy mentions 'Regular security audits and penetration testing' without evidence. 'SOC 2 Type II compliance (in progress)' — explicitly not achieved. Delaware governing law. GDPR rights outlined. No incident response process or breach notification timeline published.

Built on open-source OpenClaw (MIT, 201k GitHub stars). SECURITY.md has detect-secrets in CI/CD, named security contact (Jamieson O'Reilly/Dvuln), CVE tracking. However, the hosting platform itself (deployclaw.com/openclawhosting.io) is not open-source. No published SBOM or MCP server vetting process.

Features page claims 'Dashboard secured with 2FA.' Registration shows Google OAuth. Features mention 'GDPR, SOC 2, and HIPAA-aligned configuration options' and 'Data residency: choose US, EU, or APAC.' GitHub SECURITY.md provides Docker hardening guidance. Docs site (docs.openclaw.dev) and status page both fail to resolve. No published security testing results.

No information about mitigations for AI hallucinations, output manipulation monitoring, approval workflows, independent verification, undo/rollback, or AI uncertainty transparency.