Everclaw — Inference You Own
Audited by ClawScan on May 10, 2026.
Overview
Everclaw appears to be a real Morpheus inference integration, but it combines remote shell installation, wallet/payment credentials, device fingerprinting, OpenClaw config mutation, and persistent background services, so it needs careful review before use.
Install only if you specifically want Morpheus/Everclaw inference and are comfortable reviewing scripts. Do not use the curl-to-bash installer blindly; run dry-runs, back up OpenClaw config, inspect credential changes, use a dedicated low-balance wallet, and confirm how to disable any launchd/systemd services before enabling the full P2P or payment features.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the recommended command can execute arbitrary local commands, install dependencies, clone code, and change the user's OpenClaw environment before the user has reviewed the script.
The recommended install path executes a remote script directly. With no registry install spec and an unknown source, the artifact does not provide pinning, checksums, or a reviewed package boundary.
> ### One-Line Install (Recommended)
>
>     curl -fsSL https://get.everclaw.xyz | bash
Avoid piping remote scripts directly to a shell. Download and inspect the installer first, prefer a pinned release or ClawHub install, and run setup in a sandbox or low-privilege account where possible.
A setup run can change model routing, add or replace provider credentials, and restart the user's OpenClaw gateway, potentially disrupting existing agents or sending prompts to a new provider.
The agent-facing setup command writes configuration and credentials and restarts the gateway. The document later says to dry-run first, but the prominent command already includes mutation flags.
>     node ~/.openclaw/workspace/skills/everclaw/scripts/setup.mjs --template gateway-only --key <API_KEY> --apply --test --restart
>
> ...
>
> Updates `auth-profiles.json` with the new provider credentials
>
> ...
>
> Restarts OpenClaw gateway
Run without --apply first, inspect the diff to openclaw.json and auth-profiles.json, back up existing configuration, and require explicit user approval before applying or restarting services.
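The recommendation above is to run the setup without `--apply`, capture what it would write, and inspect the changes to `openclaw.json` and `auth-profiles.json` before approving anything. The following is an added example of that review step, written for this audit page and not part of Everclaw or OpenClaw: it diffs a before/after pair of configuration documents, redacts any credential-looking values so the diff is safe to log, and flags whether the run touches credentials or model routing (which should require explicit approval). The sample contents, file layout and key names are constructed assumptions, not OpenClaw's real schema.

```python
# Constructed sample data (not OpenClaw's real schema): the current contents of
# openclaw.json and auth-profiles.json, and the contents a setup dry run
# proposes to write. In practice, load both from the files / dry-run output.
BEFORE = {
    "openclaw.json": {
        "models": {"default": "anthropic/claude", "providers": ["anthropic"]},
        "gateway": {"port": 18789},
    },
    "auth-profiles.json": {
        "profiles": {"anthropic": {"apiKey": "sk-ant-OLD"}},
    },
}
AFTER = {
    "openclaw.json": {
        "models": {"default": "morpheus/default", "providers": ["anthropic", "morpheus"]},
        "gateway": {"port": 18789},
    },
    "auth-profiles.json": {
        "profiles": {
            "anthropic": {"apiKey": "sk-ant-OLD"},
            "morpheus": {"apiKey": "mor-NEW", "endpoint": "https://proxy.example.invalid"},
        },
    },
}

# Leaf-key substrings that mark a value as credential material to be redacted.
SECRET_HINTS = ("key", "token", "secret", "password", "cookie")


def flatten(obj, prefix=""):
    """Flatten nested dicts/lists into {"file.section.key[0]": leaf_value}."""
    out = {}
    if isinstance(obj, dict):
        for k, v in obj.items():
            out.update(flatten(v, f"{prefix}.{k}" if prefix else str(k)))
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            out.update(flatten(v, f"{prefix}[{i}]"))
    else:
        out[prefix] = obj
    return out


def is_credential(path):
    """True when the leaf key name looks like a secret (e.g. apiKey, token)."""
    leaf = path.rsplit(".", 1)[-1].lower()
    return any(h in leaf for h in SECRET_HINTS)


def redact(path, value):
    """Show only the length of credential values so the diff is safe to log."""
    if value is not None and is_credential(path):
        return f"<redacted {len(str(value))} chars>"
    return value


def diff_config(before, after):
    """Return (kind, path, old, new) tuples for every added/removed/changed leaf."""
    b, a = flatten(before), flatten(after)
    changes = []
    for path in sorted(set(b) | set(a)):
        if path not in b:
            changes.append(("added", path, None, redact(path, a[path])))
        elif path not in a:
            changes.append(("removed", path, redact(path, b[path]), None))
        elif b[path] != a[path]:
            changes.append(("changed", path, redact(path, b[path]), redact(path, a[path])))
    return changes


def review(before, after):
    """Summarise what a setup run would change and whether it needs sign-off."""
    changes = diff_config(before, after)
    credential_paths = [c[1] for c in changes if is_credential(c[1])]
    routing_paths = [c[1] for c in changes if ".models." in c[1]]
    return {
        "changes": changes,
        "credential_paths": credential_paths,
        "routing_paths": routing_paths,
        # Credential or model-routing edits must be approved explicitly.
        "needs_approval": bool(credential_paths or routing_paths),
    }


if __name__ == "__main__":
    report = review(BEFORE, AFTER)
    for kind, path, old, new in report["changes"]:
        print(f"{kind:8} {path}: {old!r} -> {new!r}")
    print("needs explicit approval:", report["needs_approval"])
```

On the sample data the report lists one changed model route, one added provider entry and one added credential (shown only as its length), and `needs_approval` is true; the same check on an unchanged configuration returns false, which is the condition under which an automated `--apply` could reasonably be allowed.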
The installer may identify the user's machine to an external service and leave a bootstrap key on disk.
The bootstrap key flow sends local device identifiers to an external Everclaw key service and stores a persistent key locally. This is privacy-sensitive and should be clearly opt-in and documented in network/data-flow metadata.
> Device fingerprint generation (hostname + MAC + platform)
>
> ...
>
> Key request from `keys.everclaw.xyz`
>
> ...
>
> Key storage in `~/.openclaw/.bootstrap-key`
Make bootstrap enrollment explicit, document the endpoint and retention policy, allow users to skip or revoke bootstrap keys, and avoid sending raw hostname/MAC data when a less identifying token would work.
If mishandled, local session material could be forwarded, logged, or reused outside the user's intended boundary.
The static scan reports that this sensitive-looking cookie/session file read is paired with a network send. The provided artifact excerpt does not clearly show the cookie path, the destination, or any protections applied to the value.
>     const cookie = fs.readFileSync(COOKIE_PATH, "utf-8").trim();
Document the cookie/session file path, destination host, lifetime, and logging behavior; redact session material from logs; and require user opt-in before forwarding local session tokens.
If enabled with a funded wallet, the agent may sign transactions or payments within configured limits.
The skill can use wallet authority to sign blockchain payments. The artifacts disclose budget controls and dry-run mode, so this is purpose-aligned, but it is still high-impact delegated authority.
> **x402 Payment Client** | Automatic HTTP 402 payment handling — signs USDC on Base via EIP-712, with budget controls and dry-run mode
Use a dedicated low-balance wallet, keep dry-run enabled until tested, set conservative per-request and daily budgets, review token approvals, and never use a wallet containing unrelated funds.
Background proxy and guardian processes may continue running, making network calls, writing logs, or restarting services even after the initial setup task is complete.
The skill installs or configures auto-restarting background services and a scheduled guardian. This is disclosed, but it keeps components operating after setup and requires clear user control.
>     persistence:
>       services:
>         - name: "com.morpheus.router" ... "launchd KeepAlive"
>         - name: "com.morpheus.proxy" ... "launchd KeepAlive"
>         - name: "ai.openclaw.guardian" ... "launchd StartInterval"

Only enable persistent services if needed, inspect launchd/systemd files before loading them, document uninstall/disable commands, and prefer gateway-only mode if persistent local routing is unnecessary.
