ClawCap
Review
Audited by ClawScan on May 10, 2026.
Overview
ClawCap’s local scripts match its stated purpose, but using it means routing all OpenClaw model traffic through ClawCap’s third-party proxy.
Install only if you are comfortable trusting clawcap.co as a proxy for your OpenClaw model traffic and provider credentials. Use rotatable API keys, review the modified ~/.openclaw/openclaw.json, keep the backup, and use the uninstall script if you want to restore direct provider routing.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
ClawCap may receive provider authorization data needed to forward model requests, so the user must trust ClawCap with that credential path.
This discloses that ClawCap may handle the user's existing provider API credentials as part of proxy forwarding. That is expected for the stated proxy purpose, but it is sensitive delegated access.
Your API keys stay the same — ClawCap only reads them to forward requests, never stores them.
Use separate, rotatable provider API keys if possible, monitor provider usage, and install only if you trust ClawCap’s service and policies.
Sensitive prompts or model outputs could pass through ClawCap as part of normal operation.
The artifact clearly states that future model requests are routed through an external gateway. This is purpose-aligned, but prompts, responses, metadata, and provider request details may traverse that service.
All requests now flow through ClawCap and your spending caps are enforced automatically.
Avoid routing confidential data through the proxy unless ClawCap’s privacy, retention, and security posture are acceptable to you.
All configured providers may route through ClawCap until the user restores the config or runs the uninstall script.
The setup script rewrites provider base URLs to ClawCap’s proxy URL. This is a broad configuration mutation, but it is disclosed in the setup instructions and paired with backup and uninstall behavior.
provider._originalBaseUrl = provider.baseUrl; provider.baseUrl = proxyUrl;
Run setup deliberately, inspect ~/.openclaw/openclaw.json afterward, and keep the backup so you can revert quickly.
Running setup may launch the default browser through a local shell command.
The script invokes the system shell to open https://clawcap.co in a browser. The URL is fixed by the script rather than user-controlled, so this appears to be setup convenience rather than arbitrary command execution.
const { exec } = require('child_process');
...
exec(cmd, () => {});
If you prefer to avoid this, set CLAWCAP_TOKEN beforehand or open the ClawCap site manually before running setup.
