{"id":"freema-openclaw-mcp","name":"openclaw-mcp","homepage":"https://www.tomasgrasl.cz/","repo_url":"https://github.com/freema/openclaw-mcp","category":"ai-ml","subcategories":[],"tags":["mcp","mcp-server","openclaw","claude","oauth2","bridge","self-hosted","typescript","security","docker"],"what_it_does":"openclaw-mcp is an MCP (Model Context Protocol) server/bridge that connects Claude (MCP client) to a self-hosted OpenClaw gateway/assistant. It forwards chat/status/task operations and supports sync and async tools, including multi-instance routing and OAuth2 authentication.","use_cases":["Connect Claude.ai or Claude Desktop to a self-hosted OpenClaw assistant via MCP","Send chat messages to OpenClaw and retrieve responses","Run long-running OpenClaw tasks asynchronously (queue, poll status, cancel)","Monitor OpenClaw gateway health and list configured OpenClaw instances","Bridge to multiple OpenClaw gateway instances (prod/staging/dev) from a single MCP endpoint"],"not_for":["Exposing OpenClaw capabilities publicly without proper authentication/authorization controls","Use cases requiring a documented REST/GraphQL/SDK interface beyond MCP tooling","Environments where you cannot terminate TLS or where OAuth issuer URL cannot be set correctly behind a reverse proxy"],"best_when":"You want a straightforward MCP integration for Claude with OAuth2-protected access to a self-hosted OpenClaw backend, including optional multi-instance routing.","avoid_when":"You cannot set correct OAuth issuer/public URLs behind a proxy or you plan to run the service with authentication disabled in production.","alternatives":["MCP client integrations that directly call OpenClaw over its own API (if available)","Custom proxy/bridge service exposing OpenClaw functionality to Claude in a bespoke way","Other MCP servers that provide generic OpenAI/OpenTelemetry tooling for self-hosted agents (if compatible with your backend)"],"af_score":57.8,"security_score":64.0,"reliability_score":32.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:44:53.677704+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth2.1 / OAuth2 using MCP_CLIENT_ID and MCP_CLIENT_SECRET","Bearer/client-token style for upstream OpenClaw gateway via OPENCLAW_GATEWAY_TOKEN and per-instance tokens"],"oauth":true,"scopes":false,"notes":"The README describes an MCP server protected by OAuth2 (AUTH_ENABLED=true, MCP_CLIENT_ID/SECRET, optional MCP_ISSUER_URL). Separate upstream OpenClaw gateway token(s) are used to authenticate to OpenClaw."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears self-hosted (Docker/npm)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":57.8,"security_score":64.0,"reliability_score":32.5,"mcp_server_quality":78.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":10.0,"tls_enforcement":70.0,"auth_strength":80.0,"scope_granularity":40.0,"dependency_hygiene":40.0,"secret_handling":80.0,"security_notes":"Uses OAuth2 authentication for the MCP server (AUTH_ENABLED=true) and provides guidance to restrict CORS origins. README includes a threat model and logging docs (referenced but not included here). Scope granularity and specific authorization model are not detailed; rate limiting details are not provided. Dependency hygiene cannot be fully assessed from the provided manifest/README.","uptime_documented":0.0,"version_stability":60.0,"breaking_changes_history":30.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":"Async task operations (queue/cancel/status) are described, but idempotency guarantees are not documented.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["When behind a reverse proxy, MCP_ISSUER_URL (or --issuer-url) must be set to a public HTTPS URL to avoid OAuth metadata pointing to localhost.","Pin Docker image versions for production; using :latest is discouraged in the README.","Correctly configure CORS_ORIGINS (default examples include https://claude.ai)."]}}