The Unlocked Door: Ryan Eade on What OpenClaw Users Need to Secure Right Now
Ryan Eade, Chief Product and Technology Officer at PtEverywhere, gave this talk at the June 10th TweenerClaw meetup, and it covers something most practitioners skip: how to actually keep your OpenClaw instance secure. Ryan walks through the three main ways OpenClaw instances get compromised: an open port that older versions left fully exposed, third-party skills that can carry malicious code (36% of early store listings had prompt injection), and prompt injection delivered through external content like X posts or README files. He also covers the upgrade windows that matter most; the March 12th and April 5th releases each contained critical security patches, and what to do right now: curl port 18789 on your OpenClaw and see if you get a response back. The practical framework Ryan closes with is worth listening to by itself. He calls it "staff not software" with the idea that every access decision for your OpenClaw should mirror how you'd onboard a new employee: scoped API keys with minimum permissions, a purpose-built email account, one-time credit cards for purchasing tasks, and human approval gates before any destructive action runs. If you've been meaning to lock down your setup but kept putting it off, Ryan gives you everything you need to do it in under 20 minutes.
Timestamps
00:00 Intro bumper
Timestamps
00:00 Intro bumper
00:16 Sponsor recognition
01:22 Scot's intro
01:56 Introducing Ryan Eade
02:05 Ryan's topic: cybersecurity for OpenClaw
02:50 Ryan Eade
03:28 "Nobody starts with security"
04:10 Why OpenClaw isn't just a chatbot
05:26 The threat landscape
06:09 Early OpenClaw exposure stats
06:40 Threat 1: The open port
07:28 Docker's dirty secret: it bypasses your local firewall
08:07 Fix: bind to localhost and use Tailscale
09:19 What Tailscale is and why it works
09:26 Threat 2: Third-party skills
10:18 How to vet skills: pull the GitHub and read the code
10:58 Threat 3: Prompt injection from the web
11:39 How prompt injection poisons an OpenClaw session
11:47 Real examples
12:51 The full attack chain: README → backdoor → breach
13:52 System prompts vs. session instructions
14:17 The upgrade reality
15:37 Critical release windows: January, March 12, April 5
16:21 "Staff, not software"
16:44 One-time credit cards for purchasing tasks
17:19 Keep your personal email separate
17:57 Least-privilege API keys
19:10 Build in approval gates
19:52 Summary: vet skills, keep it on a leash, have a no-no plan
20:16 The port 18789 check
20:32 Closing remarks
-----
Where to Find Ryan Eade
LinkedIn: https://www.linkedin.com/in/ryaneade/
PtEverywhere: https://www.pteverywhere.com/
Where to Find Scot Wingo:
LinkedIn: https://www.linkedin.com/in/thescotwingo/
Tweener Times: https://www.tweenertimes.com/
X: https://x.com/scotwingo
---
This episode of Triangle Tweener Talks is hosted by Scot Wingo, presented and produced by NC Tweener Fund, with creative assets and design support from Walk West.
We couldn’t share posts like this without our amazing sponsors:
Platinum:
NC IDEA: https://ncidea.org
Gold Sponsors:
- Balentine: https://www.balentine.com/triangle-entrepreneurs
- EisnerAmpner: https://www.eisneramper.com
- Robinson Bradshaw: https://www.robinsonbradshaw.com
Silver Sponsors:
- Automated Consulting Group: https://automated.co
- Bank of America: https://business.bofa.com/en-us/content/technology-industry-group.html
------
Triangle Tweener Talks is sponsored by:
Triangle Tweener Talks is sponsored by:
- Atomic Object: https://atomicobject.com/
