Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"clawops": {
"args": [
"mcp",
"serve",
"--read-only"
],
"command": "/path/to/clawops"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
MCP-native infrastructure ops for OpenClaw — with read-only mode, destructive-action confirmation, and audit logs built in.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@clawops/cli' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @clawops/cli against OSV.dev.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in devops
MCP server for using the GitLab API
A Unified MCP Server Management App (MCP Manager).
MCP server for Komodo - manage Docker containers, servers, stacks, and deployments via AI
MCP-NixOS - Model Context Protocol Server for NixOS resources
MCP Security Weekly
Get CVE alerts and security updates for io.github.dfridkin/clawops and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
MCP-native infrastructure ops for OpenClaw — with read-only mode, destructive-action confirmation, and audit logs built in.
clawops is a CLI and MCP server for deploying and operating self-hosted OpenClaw instances. Provision on AWS, GCP, Azure, or any Linux VM — then manage day-to-day operations from the terminal, or let Claude Code and Cursor drive them through typed MCP tools with explicit safety controls.
clawops mcp wire — wire the OpenClaw gateway's own AI as an MCP client of clawops.
Once wired, in-conversation commands like "check if my stack is healthy" or "show me the last 20
log lines" invoke the real clawops CLI rather than having the gateway AI guess.
clawops mcp wire # wire the default stack
clawops mcp wire --stack prod # target a named stack
clawops mcp wire --force # bypass gateway version check
Version-gated: requires OpenClaw ≥ 2026.4 on the gateway side. If the version is older, the command surfaces a clear upgrade prompt and exits cleanly.
The clawops setup wizard now also asks at the end of a successful deploy:
"Should the OpenClaw gateway's AI also be able to manage this stack?" — accepting wires the
client automatically over the same SSH session.
clawops monitor — live dashboard for any deployed stack. Shows gateway health, container
status, CPU/memory, disk usage, and a rolling log tail. Refreshes on an interval with [r],
toggles logs with [l], and quits with [q].
Run without --stack to get an interactive stack picker first — probes all registered stacks
in parallel, shows only running ones by default, and lets you toggle to a full list ([a]) where
not-deployed stacks can be deleted from the registry with [d]. Press [s] inside the dashboard
to go back to the picker.
clawops monitor # interactive stack selection → dashboard
clawops monitor --stack prod # jump straight to a named stack
clawops monitor --stack prod | cat # one-shot snapshot for CI
clawops_monitor MCP tool — same snapshot as a single structured JSON call, so Claude Code
and Cursor can check stack health without opening a terminal.
clawops stacks delete guard — now blocks deletion of a still-deployed stack and requires
--force to remove from the registry without tearing down cloud resources first.
pulumi binary required).--json) for scripting and automation.