openclaw-mcp
openclaw-mcp is an MCP (Model Context Protocol) server/bridge that connects Claude (MCP client) to a self-hosted OpenClaw gateway/assistant. It forwards chat/status/task operations and supports sync and async tools, including multi-instance routing and OAuth2 authentication.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses OAuth2 authentication for the MCP server (AUTH_ENABLED=true) and provides guidance to restrict CORS origins. README includes a threat model and logging docs (referenced but not included here). Scope granularity and specific authorization model are not detailed; rate limiting details are not provided. Dependency hygiene cannot be fully assessed from the provided manifest/README.
⚡ Reliability
Best When
You want a straightforward MCP integration for Claude with OAuth2-protected access to a self-hosted OpenClaw backend, including optional multi-instance routing.
Avoid When
You cannot set correct OAuth issuer/public URLs behind a proxy or you plan to run the service with authentication disabled in production.
Use Cases
- • Connect Claude.ai or Claude Desktop to a self-hosted OpenClaw assistant via MCP
- • Send chat messages to OpenClaw and retrieve responses
- • Run long-running OpenClaw tasks asynchronously (queue, poll status, cancel)
- • Monitor OpenClaw gateway health and list configured OpenClaw instances
- • Bridge to multiple OpenClaw gateway instances (prod/staging/dev) from a single MCP endpoint
Not For
- • Exposing OpenClaw capabilities publicly without proper authentication/authorization controls
- • Use cases requiring a documented REST/GraphQL/SDK interface beyond MCP tooling
- • Environments where you cannot terminate TLS or where OAuth issuer URL cannot be set correctly behind a reverse proxy
Interface
Authentication
The README describes an MCP server protected by OAuth2 (AUTH_ENABLED=true, MCP_CLIENT_ID/SECRET, optional MCP_ISSUER_URL). Separate upstream OpenClaw gateway token(s) are used to authenticate to OpenClaw.
Pricing
No pricing information provided; appears self-hosted (Docker/npm).
Agent Metadata
Known Gotchas
- ⚠ When behind a reverse proxy, MCP_ISSUER_URL (or --issuer-url) must be set to a public HTTPS URL to avoid OAuth metadata pointing to localhost.
- ⚠ Pin Docker image versions for production; using :latest is discouraged in the README.
- ⚠ Correctly configure CORS_ORIGINS (default examples include https://claude.ai).
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for openclaw-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.