Hey everyone. Ran into a concerning issue this week and wanted to share to see if others have seen this pattern.
I was testing a new OpenClaw agent on an old OptiPlex 7050 micro I use as a dev node. The agent interacts with a local PostgreSQL instance for a small project. During some testing, I intentionally triggered a database connection error by stopping the Postgres service.
Instead of a generic error, the agent's response in the OpenClaw UI included the full connection string from my agent's configuration—host, port, database name, and my username/password in plain text. 😬 The same credentials also appeared in the agent's runtime log file on disk. This seems to happen specifically when the agent's tool call fails to connect; it dumps the problematic config as part of the error output.
My setup:
- OpenClaw v0.8.2
- Agent using the `postgres_tool` plugin
- Running on Ubuntu Server 22.04
Has anyone else experienced credential leakage through agent error messages or logs? I'm particularly worried about this in multi-user or shared environments, even in a homelab.
I'm thinking about mitigation steps:
* Sanitizing tool configuration before it's passed to the LLM context.
* Configuring the agent runtime to redact known patterns (like `postgresql://user:pass@host`) in all logs.
* Possibly using environment variables more aggressively, even if the config file itself is secured.
What are your strategies for keeping secrets out of logs and outputs? Any built-in OpenClaw or Nano Claw features I might have missed for this?