Strategy 01

The Shadow Account Strategy

Create a complete air-gap between OpenClaw and your primary digital life. This strategy uses selective email forwarding to give OpenClaw limited, monitored access without exposing your main accounts.

Step-by-Step Setup

Create Secondary Gmail

Sign up for a new Gmail account (e.g., yourname.openclaw@gmail.com). Use a strong, unique password. Don't link it to your phone—use an authenticator app instead.

Use a password manager to generate a 20+ character password

Set Up Selective Forwarding

In your PRIMARY Gmail, go to Settings → Filters → Create new filter. Set up filters to forward ONLY specific emails to your shadow account.

Forward emails from specific domains or with subjects containing 'invoice', 'receipt', etc.

Connect OpenClaw

Connect OpenClaw ONLY to your shadow Gmail. Never give it access to your primary accounts. The shadow account becomes your 'airlock'.

Data flows in, but nothing flows out without your explicit approval

Enable Daily Monitoring

Set up a daily digest email to your primary account showing all actions OpenClaw took. Review this every morning.

Add this to your morning routine before your coffee gets cold

Why This Works

Even if OpenClaw is compromised, the attacker only gets access to your shadow account—which contains only the specific emails you've chosen to forward. Your primary Gmail, with years of sensitive data, remains untouched. It's like having a PO Box for your AI assistant.