I haven't tried it yet, but IronClaw seems to be a much better / more secure alternative to OpenClaw
"IronClaw (@near_ai, Rust) is the most architecturally serious alternative. Built by @ilblackdragon as a direct response to OpenClaw's security failures. Tools and channels run in isolated WASM containers with capability-based permissions. Credentials live in an encrypted vault and are domain-scoped. That directly blocks the exact exfil vector, where a ClawHub skill was silently curling credentials to an attacker-controlled server. Auth is handled entirely outside the LLM flow. All arbitrary code runs inside Docker containers. Network calls are intercepted and checked for data leakage and prompt injection. Gateway defaults to 127.0.0.1 instead of OpenClaw's catastrophic 0.0.0.0 binding. And it leverages NEAR AI infra for confidential and anonymized inference. Apache-2.0 licensed, no OpenAI ties."
Link below.