Security on Derek's Guides

OpenClaw Secrets Management with 1Password

Sat, 14 Mar 2026 00:00:00 +0000

This guide walks through setting up 1Password as a centralized secret provider for OpenClaw. By the end, every API key, token, and credential in your OpenClaw config will resolve at runtime through 1Password — nothing sensitive stored in plaintext.

Prerequisites

OpenClaw installed and running
1Password account (personal or business)
1Password CLI (op) installed
Basic familiarity with OpenClaw’s openclaw.json config

Part 1: Install and Configure 1Password CLI

Install the CLI

# Ubuntu/Debian
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
 sudo gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" | \
 sudo tee /etc/apt/sources.list.d/1password.list

sudo apt update && sudo apt install 1password-cli

# Verify
op --version

Create a Service Account

For non-interactive (agent) access, you need a service account — not a personal sign-in.

SEL × Cynefin: Security and Autonomy for AI Agents

Fri, 13 Mar 2026 00:00:00 +0000

AI agents need to know two things before acting:

What tools can I use? (Security Execution Level)
How autonomous can I be in this domain? (Cynefin classification)

This guide shows you how to implement both, with OpenClaw-specific examples and prompts.

Prerequisites

OpenClaw installed and configured
Basic understanding of AI agents
Familiarity with Cynefin framework

Background

The Problem

When you have 150+ agents (like we do after installing Agency), you need answers to:

Building Modular Content Moderation with Guardrails

Wed, 18 Mar 2026 00:00:00 +0000

When building AI agents, content moderation is often an afterthought — if it’s considered at all. This guide walks through building a modular guardrails skill for OpenClaw that can be optionally imported into any skill that needs content filtering.

Why Modular Over Middleware?

Traditional approaches often bake moderation into the core agent loop. This has drawbacks:

All-or-nothing — You either moderate everything or nothing
Hard to test — Global changes affect everything
Inflexible — Different skills may need different rules

A modular approach lets you: