Skip to main content

System Requirements

OpenClaw Version

Minimum: OpenClaw v2026.1.0 or newer

Shield uses OpenClaw's plugin hooks that were introduced in v2026.1.0.

Check Your Version

openclaw --version

Update OpenClaw

npm update -g openclaw
Don't have OpenClaw?

Visit openclaw.org to install OpenClaw first.

Node.js & npm

Minimum Versions:

  • Node.js 18.0.0+
  • npm 8.0.0+

Check Your Versions

node --version  # Should be v18.0.0 or higher
npm --version   # Should be 8.0.0 or higher

Update Node.js

Using nvm (recommended):

nvm install 18
nvm use 18

Or download from:

Operating System

Shield works on:

  • Linux (Ubuntu 20.04+, Debian 11+, CentOS 8+, etc.)
  • macOS (10.15 Catalina or newer)
  • Windows (10, 11, Server 2019+)

Linux (Ubuntu 22.04 LTS) or macOS for production deployments.

Hardware Requirements

Minimum (Small Bot)

  • CPU: 1 core
  • RAM: 512 MB
  • Storage: 100 MB

Good for:

  • Personal bots
  • < 100 messages/day
  • Testing and development
  • CPU: 2+ cores
  • RAM: 2 GB+
  • Storage: 1 GB+

Good for:

  • Business bots
  • 1,000+ messages/day
  • Multiple channels
  • Semantic detection enabled

High Traffic (Enterprise)

  • CPU: 4+ cores
  • RAM: 4 GB+
  • Storage: 5 GB+

Good for:

  • Large-scale deployments
  • 10,000+ messages/day
  • Multiple bots
  • Advanced analytics

Network Requirements

Standalone Mode

  • ✅ No internet required
  • ✅ All processing local
  • ✅ Works offline

With Backend Integration

  • ✅ HTTPS outbound to securecheck.io (port 443)
  • ✅ ~10 KB/day data usage
  • ✅ Optional - graceful fallback to standalone

Firewall Rules:

# Allow outbound HTTPS to SecureCheck
https://api.securecheck.io  # Backend API
https://dashboard.securecheck.io  # Dashboard

Storage Requirements

Base Installation

  • Plugin Code: ~5 MB
  • Dependencies: ~50 MB
  • Built-in Rules: < 1 MB

Runtime Data

  • Logs: ~1-10 MB/day (configurable)
  • Semantic DB: ~100-500 MB (if enabled)
  • Rate Limit Cache: < 1 MB

Total Estimate

  • Minimal: 100 MB
  • Typical: 500 MB
  • With Semantic: 1 GB

Optional Dependencies

For Semantic Detection

Shield includes local semantic analysis using @xenova/transformers:

  • Additional Storage: ~200 MB (model files)
  • Additional RAM: ~500 MB during initialization
  • First startup: 30-60 seconds (downloads models)

Models are cached locally after first download.

Disable if limited resources:

{
  "semanticThreshold": 1.0  // Disables semantic detection
}

For Backend Integration

Optional connection to SecureCheck backend:

  • No additional dependencies
  • Graceful fallback if unavailable
  • Works without internet

Performance Benchmarks

Message Processing Speed

Without Semantic Detection:

  • Average: 5-10 ms/message
  • P95: < 20 ms
  • P99: < 30 ms

With Semantic Detection:

  • Average: 15-30 ms/message
  • P95: < 50 ms
  • P99: < 100 ms

Throughput:

  • Single core: ~500 messages/second
  • Dual core: ~1,000 messages/second
  • Quad core: ~2,000 messages/second

Resource Usage

CPU:

  • Idle: < 1%
  • Processing: 5-10% per core
  • Semantic: 20-30% per core during detection

Memory:

  • Base: ~100 MB
  • Per 1,000 rules: +50 MB
  • Semantic models: +500 MB

Compatibility

OpenClaw Channels

Shield works with ALL OpenClaw channels:

  • ✅ WhatsApp
  • ✅ Telegram
  • ✅ Discord
  • ✅ Slack
  • ✅ SMS
  • ✅ Facebook Messenger
  • ✅ Instagram
  • ✅ Email
  • ✅ Web chat
  • ✅ Custom channels

Database Support

Shield doesn't require a database. All data stored in:

  • JSON files (rules, config)
  • In-memory cache (rate limiting)
  • LanceDB (semantic vectors, optional)

Security Requirements

File Permissions

Shield needs read/write access to:

  • ~/.openclaw/ - Configuration files
  • ~/.securecheck/shield/ - Shield data directory
  • /tmp/ or system temp - Temporary processing

Network Permissions

  • Outbound HTTPS (optional, backend only)
  • No inbound ports required
  • No special firewall rules needed

User Permissions

  • Standard user permissions (no root/admin needed)
  • Can run as non-privileged user
  • Follows OpenClaw's permission model

Deployment Environments

Shield works in:

Bare Metal / VPS

  • ✅ Direct installation on Linux/Windows servers
  • ✅ Systemd service integration
  • ✅ PM2 process management

Docker

  • ✅ Runs in Docker containers
  • ✅ Compatible with docker-compose
  • ✅ Example Dockerfile available

Cloud Platforms

  • ✅ AWS EC2, ECS, Lambda
  • ✅ Google Cloud Compute, Cloud Run
  • ✅ Azure VMs, Container Instances
  • ✅ DigitalOcean Droplets
  • ✅ Heroku, Render, Railway

Kubernetes

  • ✅ Stateless deployment
  • ✅ Horizontal scaling
  • ✅ ConfigMap integration

Browser Requirements (Dashboard)

For the web dashboard:

  • Chrome: 90+
  • Firefox: 88+
  • Safari: 14+
  • Edge: 90+

JavaScript must be enabled.

Upgrade Path

From No Security to Shield

  1. Install Shield
  2. Start with monitor mode
  3. Review logs for false positives
  4. Switch to flag mode
  5. Finally enable block mode

From Custom Security

Shield integrates alongside existing security:

  • Doesn't conflict with other plugins
  • Can run in addition to custom filters
  • Migrate gradually

Not Supported

Node.js < 18 - Use nvm to upgrade ❌ OpenClaw < v2026.1.0 - Upgrade OpenClaw first ❌ Internet Explorer - Use modern browser for dashboard ❌ Python/Ruby bots - OpenClaw Shield is Node.js only

Need Help?

If you're unsure about requirements:

  1. Try Quick Start - Most compatible setup
  2. Discord Community - Ask questions
  3. Email: support@securecheck.io