Secure Credential Management for OpenClaw

Location: ETH Zürich, near Polyterrasse (exact room TBD)

Event Topic: One of OpenClaw's great strengths is its direct command-line access to user space—this flexibility enables rapid development of automation workflows without the friction of rigid APIs or sandboxed environments. But by default, this means the agent has plaintext access to all connected service credentials, whether Gmail, Calendar, WhatsApp, or others. This creates a broad attack surface and limits our ability to enforce fine-grained access policies.

In this meetup, we'll explore a practical architecture for credential isolation using macOS user spaces. We'll walk through how to deploy separate service proxies, each running in its own user context, to isolate credentials per service. These proxies act as gateways between the OpenClaw agent and your accounts, enabling you to implement arbitrary access policies—rate limiting, scope restrictions, audit logging, or whatever your threat model requires.

The good news: this architecture is simple enough to vibecode. You don't need deep systems expertise to get started—we'll show you how to scaffold the setup quickly and iterate from there.

Whether you're running OpenClaw for personal automation or exploring agent deployments in more sensitive contexts, this session will give you hands-on techniques for tightening your security posture without sacrificing the rapid iteration that makes OpenClaw powerful.