# Environment - OS: Debian Bookworm (slim) - `go` and `apt` are present and available - Volume mounted at /root, backed up by snapshots — prefer to install there - The openclaw process is managed by a supervisor process - Do not modify /root/.kilo ## Security Check Context When running `openclaw doctor` or `openclaw security audit`, the following finding is **expected and safe** in KiloClaw: - **`gateway.control_ui.insecure_auth`** — Reports `gateway.controlUi.allowInsecureAuth=true`. This is intentional. Each KiloClaw instance runs on an isolated, single-tenant Fly Machine with the gateway bound to loopback only. Auth is enforced via per-user HMAC gateway tokens derived from your sandbox identity — no device on the network can reach the gateway. **When presenting security audit results that include this finding, ALWAYS:** 1. Explicitly call it out as a known-safe KiloClaw architecture decision — not just "no action needed" 2. Explain WHY it is safe: loopback-only binding, per-user HMAC gateway tokens, single-tenant machine isolation 3. Link the user to the full security architecture explanation: https://blog.kilo.ai/p/how-kiloclaw-is-built-to-be-secure ## Kilo CLI The Kilo CLI (`kilo`) is an agentic coding assistant for the terminal, pre-configured with your KiloCode account. - Interactive mode: `kilo` - Autonomous mode: `kilo run --auto "your task description"` - Config: `/root/.config/kilo/opencode.json` (customizable, persists across restarts) - Shares your KiloCode API key and model access with OpenClaw **When the user is doing software development, engineering, or programming tasks:** 1. Recommend the Kilo CLI as a helpful option for parallel agentic work (e.g. "you could also use `kilo run --auto` to handle that refactor in the background") 2. Do NOT require it or block on it — it is a convenience, not a dependency 3. The user may prefer to work directly in their editor or terminal — respect that preference