> ## Documentation Index
> Fetch the complete documentation index at: https://docs.getunbound.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# OpenClaw

> Enforce tool policies and route LLM calls through the Unbound AI Gateway for OpenClaw agents

## What is OpenClaw?

OpenClaw is a self-hosted AI agent framework that runs on your hardware. It supports multi-agent workflows, tool execution, and integrations with MCP servers — all controlled through a local gateway.

Unbound offers two independent integrations for OpenClaw:

1. **Tool Policies Plugin** — Enforce your organization's security policies on every tool call your OpenClaw agents make
2. **Unbound as LLM Provider** — Route OpenClaw's LLM calls through the Unbound gateway for visibility, guardrails, and model routing

You can use either or both depending on your needs.

## Prerequisites

* **OpenClaw**: Version 2026.2.0 or higher
* **Node.js / npm**: Required for plugin installation
* **Unbound Account**: Sign up at [gateway.getunbound.ai](https://gateway.getunbound.ai) if you don't have one

***

## Quick Setup (Recommended)

The setup script handles everything — authentication, plugin installation, configuration, and LLM provider setup.

**Open your terminal** and run:

```bash theme={null}
python3 -c "$(curl -s https://getunbound.ai/setup/openclaw/install)" --domain gateway.getunbound.ai
```

This will:

1. Open your browser for authentication via the Unbound dashboard
2. Install the `unbound-openclaw-plugin` npm package globally
3. Configure the tool policies plugin in `~/.openclaw/openclaw.json`
4. Set up Unbound as the LLM provider
5. Set the `UNBOUND_OPENCLAW_API_KEY` environment variable in your shell profile

Once complete, **restart your terminal** (or `source` your shell profile), then verify:

```bash theme={null}
openclaw agent --local --agent main --message "hello world"
```

### Setup Options

You can choose which components to install:

| Flag               | Description                                              |
| ------------------ | -------------------------------------------------------- |
| `--plugin`         | Install only the tool policies plugin                    |
| `--provider`       | Install only the LLM provider                            |
| `--model MODEL_ID` | Use a custom model (default: `claude-sonnet-4-20250514`) |

If neither `--plugin` nor `--provider` is specified, both are installed.

**Examples:**

```bash theme={null}
# Plugin only (tool policies, no LLM routing)
python3 -c "$(curl -s https://getunbound.ai/setup/openclaw/install)" --domain gateway.getunbound.ai --plugin

# Provider only with a custom model
python3 -c "$(curl -s https://getunbound.ai/setup/openclaw/install)" --domain gateway.getunbound.ai --provider --model fireworks-ai/kimi-k2p5

# Both with a custom model
python3 -c "$(curl -s https://getunbound.ai/setup/openclaw/install)" --domain gateway.getunbound.ai --model claude-opus-4-20250514
```

Available models can be found at [gateway.getunbound.ai/models](https://gateway.getunbound.ai/models).

### Removing the Integration

To undo all changes (uninstalls plugin, removes config and environment variable):

```bash theme={null}
python3 -c "$(curl -s https://getunbound.ai/setup/openclaw/install)" --clear
```

***

## Verification

After setup, test that tool policies are working:

**Test 1: Safe command (should succeed)**

```bash theme={null}
openclaw agent --local --agent main --message "run this shell command: echo hello world"
```

Expected: The command executes successfully.

**Test 2: Blocked command (requires a Block policy for `delete_file`)**

```bash theme={null}
openclaw agent --local --agent main --message "run this shell command: rm -rf /tmp/test.txt"
```

Expected: `[tools] exec failed: This command is blocked by your organization's policy.`

### Configuring Policies

Tool policies are managed at [gateway.getunbound.ai/policies/tool-policies](https://gateway.getunbound.ai/policies/tool-policies). You can create policies for:

* **Terminal commands** — e.g., blocking file deletions, database operations, or script execution
* **MCP tools** — e.g., blocking Slack messages or GitHub issue creation

Each policy can be set to **Block** (always denied) or **Warn** (allowed for OpenClaw, prompts for confirmation in Claude Code).

***

## Manual Configuration

If you prefer to configure everything yourself instead of using the setup script:

### Tool Policies Plugin

**Step 1:** Install the plugin:

```bash theme={null}
npm install -g unbound-openclaw-plugin
```

**Step 2:** Add the plugin to `~/.openclaw/openclaw.json`:

```json theme={null}
{
  "plugins": {
    "load": {
      "paths": ["<output of npm root -g>/unbound-openclaw-plugin"]
    },
    "entries": {
      "unbound-openclaw-plugin": {
        "enabled": true,
        "config": {
          "gatewayUrl": "https://api.getunbound.ai",
          "failOpen": true
        }
      }
    }
  }
}
```

<Tip>
  Run `npm root -g` to find your global npm modules path, then append `/unbound-openclaw-plugin` for the load path.
</Tip>

**Step 3:** Set the API key in your shell profile:

```bash theme={null}
export UNBOUND_OPENCLAW_API_KEY="your-api-key-here"
```

You can find your API key at [gateway.getunbound.ai/connect](https://gateway.getunbound.ai/connect).

### Plugin Configuration Reference

| Option       | Type    | Default                     | Description                                                                                                                    |
| ------------ | ------- | --------------------------- | ------------------------------------------------------------------------------------------------------------------------------ |
| `gatewayUrl` | string  | *required*                  | Unbound gateway URL (`https://api.getunbound.ai`)                                                                              |
| `apiKey`     | string  | `$UNBOUND_OPENCLAW_API_KEY` | API key for authentication. Falls back to the environment variable                                                             |
| `failOpen`   | boolean | `true`                      | When `true`, tool calls proceed if the gateway is unreachable. Set to `false` to block all tool calls when the gateway is down |

### LLM Provider

Add the provider to `~/.openclaw/openclaw.json`:

```json theme={null}
{
  "agents": {
    "defaults": {
      "model": {
        "primary": "unbound/claude-sonnet-4-20250514"
      }
    }
  },
  "models": {
    "providers": {
      "unbound": {
        "baseUrl": "https://api.getunbound.ai/v1",
        "apiKey": "${UNBOUND_OPENCLAW_API_KEY}",
        "api": "openai-completions",
        "models": [
          {
            "id": "claude-sonnet-4-20250514",
            "name": "claude-sonnet-4-20250514",
            "contextWindow": 200000,
            "maxTokens": 8192
          }
        ]
      }
    }
  }
}
```

Replace `claude-sonnet-4-20250514` with any model available on the gateway.

***

## Security Benefits

Using OpenClaw with Unbound Security AI Gateway provides:

* **Request Monitoring**: All AI requests are logged and monitored
* **Tool Policy Enforcement**: Block dangerous terminal commands and MCP tool calls
* **Compliance**: Ensure AI interactions meet your organization's standards
* **Audit Trail**: Complete visibility into AI usage patterns

<CardGroup cols={2}>
  <Card title="Tool Policies" icon="shield" href="/policies/tool-policies">
    Configure terminal command and MCP tool policies
  </Card>

  <Card title="Available Models" icon="brain" href="https://gateway.getunbound.ai/models">
    Browse models available through the Unbound gateway
  </Card>
</CardGroup>