Keys
Environment variables, OS keyring, and encrypted local fallback storage. No real provider keys are required in project files.
Review Libre Claw's key storage, approval policy, sandboxing, memory redaction, daemon locality, and audit trail.
Environment variables, OS keyring, and encrypted local fallback storage. No real provider keys are required in project files.
Read-only tools can be allowed. Writes, shell, browser actions, git commits, downloads, and MCP tools ask first.
File access is restricted to the configured working directory by default, with blocked shell patterns for dangerous commands.
Credential-looking strings are redacted before memory indexing, search, or prompt injection.
Run events, tool calls, permission decisions, errors, costs, and artifacts are append-only and inspectable.
The local API binds to localhost by default; network exposure is a deliberate operator decision.
libre-claw auth status
/approvals
/tools list
/memory status
/runs
/usage ~/.libre-claw/config.toml
~/.libre-claw/.keys
~/.libre-claw/memory.db
~/.libre-claw/runs/
~/.libre-claw/sessions/