Instance isolation
Each customer instance runs as a separate managed runtime with its own workspace, configuration, and browser profile. Instances are not exposed through direct public system access.
Security
Managed OpenClaw hosting with explicit security boundaries.
Lobsterland hosts OpenClaw in a managed cloud environment so teams can use powerful agents without exposing raw browser control, direct machine access, or unmanaged credential sprawl as the default operating model.
Credential boundary
Provider keys and integration secrets are handled through the platform control plane and encrypted storage paths. Agents do not need broad direct access to raw platform credentials.
Authenticated user access
Dashboard actions, browser viewing, and manual takeover flows sit behind account authentication rather than unauthenticated VNC, CDP, or shell endpoints.
Operational visibility
The platform keeps usage, cost, and runtime state visible so owners can review model spend, connected addons, and running agent infrastructure.
Hosted Browser
Browser control stays inside the managed runtime.
Hosted Browser gives the OpenClaw agent local CDP access inside the instance while the user opens the visual browser through the authenticated dashboard. The intended public surface is the dashboard and backend auth proxy, not a raw CDP or VNC port.
That design lets a user complete login, MFA, CAPTCHA, downloads, uploads, or manual takeover from the dashboard while preserving a persistent browser profile for the agent.
- CDP is consumed locally by the OpenClaw runtime.
- The browser viewer is reached through authenticated app access.
- Browser state belongs to the managed instance volume.
- The profile can be reset when a workflow needs a clean browser.
Owner responsibilities
Security still depends on the workflows you connect.
Managed hosting reduces infrastructure risk, but it does not make every agent action harmless. Owners should still scope API keys, review connected services, keep sensitive production systems behind approval gates, and reset browser sessions when access no longer needs to persist.
- Use least-privilege credentials for connected tools.
- Restrict messaging channels to approved users or groups.
- Review high-impact tool actions before letting agents run them repeatedly.
- Remove unused addons, browser sessions, and environment variables.
Need the browser-specific model?
The Hosted Browser overview explains how persistent browser state, local CDP, and dashboard handoff work together for login-heavy OpenClaw workflows.