OpenClaw macOS Always-On
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill’s always-on OpenClaw purpose is clear, but it installs persistent system-level service behavior and stores an OpenClaw gateway token in a readable LaunchDaemon plist.
Use this only if you truly want OpenClaw running unattended at system startup and after logout. Before installing, inspect the script locally instead of piping a live GitHub URL to bash, and consider changing the token handling so the gateway token is not stored in a readable LaunchDaemon plist.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Another local user or process that can read the LaunchDaemon plist may recover the OpenClaw gateway token and potentially access or control the OpenClaw gateway.
The installer reads a local OpenClaw gateway auth token and writes it into the LaunchDaemon plist, then installs that plist with mode 644, making the token part of a broadly readable system configuration.
GATEWAY_TOKEN=$(openclaw config get gateway.auth.token 2>/dev/null | tr -d '"' || echo "") ... <key>OPENCLAW_GATEWAY_TOKEN</key> <string>$GATEWAY_TOKEN</string> ... sudo chmod 644 "$PLIST_PATH"
Avoid storing long-lived gateway tokens in world-readable plist files. Use a protected per-user config file, macOS Keychain, or a launchd mechanism that does not expose the token, and clearly document what credential is used.
If the remote repository or branch changes, the command could run code different from the reviewed package while still asking for privileged installation access.
The documented quick install executes a live script from the master branch rather than a pinned, reviewed artifact, and the setup requires sudo for system-level installation.
curl -fsSL https://raw.githubusercontent.com/happydog-intj/openclaw-macos-always-on/master/install.sh | bash ... **Admin access** (sudo required for installation)
Do not use curl-to-bash for this installer unless you first inspect the downloaded script. Prefer the bundled install.sh, a pinned commit or release, and a published checksum.
OpenClaw can continue receiving and processing bot messages while the Mac is locked, logged out, or unattended, and the machine may not sleep normally.
The skill intentionally creates persistent unattended agent operation and prevents system sleep, which is purpose-aligned but materially changes when OpenClaw can act.
After (LaunchDaemon + caffeinate): Screen locked ✅ Runs indefinitely ... User logged out ✅ Continues running ... Boot startup At system boot ... Sleep prevention `caffeinate -s`
Install only on a trusted always-on Mac, keep the bot’s permissions limited, monitor logs, and use the provided uninstall/stop commands when 24/7 operation is no longer needed.