Skip to main content
hc
Submit
mcpSource-backedReview first Safety Privacy

OpenClaw MCP Server for Claude

Connect Claude, Codex, Claude Code, and other MCP clients to OpenClaw Gateway-backed channel conversations with the official `openclaw mcp serve` bridge, plus manage OpenClaw-saved outbound MCP server definitions.

by OpenClaw·added 2026-06-18·
Claude CodeCodexCursorClaude Desktop
HarnessClaude CodeCodexCursorClaude Desktop
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • `messages_send` can send text back through an existing OpenClaw channel route, so confirm the target conversation before approving replies.
  • `permissions_respond` can resolve exec or plugin approval requests observed while the bridge is connected.
  • The live event queue and Claude channel notifications exist only while the MCP bridge session is connected; use transcript reads for older history.
  • Remote Gateway URLs, token files, and password files should be treated as secrets and scoped to trusted machines.
  • OpenClaw channel safety remains controlled by the underlying Gateway, pairing policy, sender allowlists, and sandbox settings.

Privacy notes

  • Routed conversation titles, transcript history, non-text message metadata, sender identifiers, account IDs, thread IDs, and live inbound events may be exposed to the MCP client and model.
  • Approval request details can reveal command text, plugin names, paths, or operational intent while the bridge is connected.
  • MCP client logs, transcript exports, and model prompts may retain OpenClaw conversation content outside the Gateway.
  • Do not paste Gateway tokens, password file contents, channel credentials, or MCP server secrets into prompts, public issues, screenshots, or committed config.

Prerequisites

  • OpenClaw CLI installed from npm and a working OpenClaw Gateway.
  • An MCP client such as Claude Code, Codex, Claude Desktop, or another stdio-capable host.
  • Existing OpenClaw session route metadata for conversations you want exposed through MCP.
  • Gateway token or password files when connecting to a remote OpenClaw Gateway.
  • Channel pairing, sender allowlists, and trust policies reviewed before exposing live messaging routes.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
15 minutes
Difficulty
intermediate
Tool listing metadata
Full copyable content
openclaw mcp serve

About this resource

Overview

OpenClaw ships an official MCP surface through the openclaw mcp CLI. The most important path for Claude and other external clients is openclaw mcp serve, which starts a stdio MCP server, connects to an OpenClaw Gateway over WebSocket, and exposes routed OpenClaw channel conversations as MCP tools.

Use this when an MCP client should inspect and reply to OpenClaw-backed conversations without running a separate bridge for each channel. OpenClaw also uses the same openclaw mcp namespace for its client-side MCP registry, where operators can save, inspect, probe, and update third-party MCP server definitions for OpenClaw-managed runtimes.

Features

  • Start OpenClaw as a stdio MCP server with openclaw mcp serve.
  • Connect the bridge to a local or remote OpenClaw Gateway.
  • List routed conversations with conversations_list.
  • Fetch a single conversation with conversation_get.
  • Read recent transcript history with messages_read.
  • Inspect non-text transcript message metadata with attachments_fetch.
  • Poll or wait for live inbound events with events_poll and events_wait.
  • Send a text reply through an existing route with messages_send.
  • List and resolve live exec or plugin approvals with permissions_list_open and permissions_respond.
  • Enable Claude-specific channel notifications for live messages and permission events.
  • Manage OpenClaw-saved outbound MCP server definitions with openclaw mcp add, set, configure, tools, login, logout, status, doctor, probe, reload, and unset.
  • Inspect the MCP registry from the OpenClaw Control UI at /mcp.

Installation

Install the OpenClaw CLI:

npm install -g openclaw@latest

Configure a local MCP client to launch the OpenClaw bridge:

{
  "mcpServers": {
    "openclaw": {
      "command": "openclaw",
      "args": ["mcp", "serve"]
    }
  }
}

For a remote Gateway, pass a WebSocket URL and a token or password file:

openclaw mcp serve --url wss://gateway-host:18789 --token-file ~/.openclaw/gateway.token
openclaw mcp serve --url wss://gateway-host:18789 --password-file ~/.openclaw/gateway.password

Use openclaw mcp serve --claude-channel-mode off when a generic MCP client should use only standard MCP polling tools instead of Claude-specific channel notifications.

Bridge Tools

Tool Purpose
conversations_list List recent session-backed conversations with route metadata
conversation_get Read one routed conversation by session key
messages_read Read recent transcript messages for a conversation
attachments_fetch Extract non-text transcript message metadata
events_poll Read live queued events since a numeric cursor
events_wait Long-poll for the next matching live event
messages_send Send a text reply through the existing conversation route
permissions_list_open List live approval requests seen by the bridge
permissions_respond Allow or deny one observed approval request

MCP Registry Commands

The non-serve commands make OpenClaw act as a client-side MCP registry. They save and inspect server definitions under mcp.servers in OpenClaw config. They do not expose OpenClaw over MCP by themselves.

Common registry commands:

openclaw mcp list
openclaw mcp status --verbose
openclaw mcp doctor --probe
openclaw mcp probe context7 --json
openclaw mcp add memory --command npx --arg -y --arg @modelcontextprotocol/server-memory
openclaw mcp set docs '{"url":"https://mcp.example.com","transport":"streamable-http"}'
openclaw mcp configure docs --auth oauth --oauth-scope 'docs.read'
openclaw mcp login docs
openclaw mcp unset context7

Use probe or doctor --probe when you need live proof that a saved MCP server connects and lists capabilities.

Use Cases

  • Let Claude Code or Codex inspect OpenClaw conversations that already have Gateway route metadata.
  • Read recent transcript history before responding to a channel thread.
  • Watch live inbound events from OpenClaw-backed channels while an MCP client is connected.
  • Send a text reply through the same recorded route after human review.
  • Surface live OpenClaw approval requests inside an MCP client session.
  • Maintain a central registry of MCP servers that OpenClaw-managed runtimes can later consume.

Safety and Privacy

OpenClaw MCP inherits the authority of the connected Gateway and its configured channels. Sender allowlists, pairing policies, sandboxing, and channel trust boundaries still belong in OpenClaw Gateway configuration. The bridge only sends text through existing routes, but those routes may point at real messaging surfaces.

The live event queue starts when the bridge connects and disappears when the MCP client disconnects. Use messages_read for durable transcript history. Approval state is also live-session scoped, so permissions_list_open only includes requests observed while the bridge was connected.

For remote Gateways, keep token and password files out of prompts, screenshots, logs, and commits. Before exposing OpenClaw beyond localhost, review the official Gateway security and exposure runbooks.

Source Review

Verified on 2026-06-18:

  • OpenClaw's MCP documentation describes openclaw mcp serve as the path for running OpenClaw as an MCP server and the other openclaw mcp subcommands as the client-side registry path.
  • The documentation lists the bridge tools for conversations, transcript reads, live event polling, message sends, and approval handling.
  • The documentation describes Claude-specific channel notifications and notes that generic MCP clients should rely on the standard polling tools.
  • The OpenClaw npm package is published as openclaw with the upstream openclaw/openclaw repository.

Duplicate Check

No dedicated OpenClaw MCP server entry was found in content/mcp. Existing OpenClaw entries in content/skills are skill packs, not the official MCP bridge or MCP registry documentation.

#openclaw#mcp#gateway#channels#claude-code

Source citations

Add this badge to your README

Show that OpenClaw MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/openclaw-mcp-server.svg)](https://heyclau.de/entry/mcp/openclaw-mcp-server)

How it compares

OpenClaw MCP Server for Claude side by side with its closest alternative on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

FieldOpenClaw MCP Server for Claude

Connect Claude, Codex, Claude Code, and other MCP clients to OpenClaw Gateway-backed channel conversations with the official `openclaw mcp serve` bridge, plus manage OpenClaw-saved outbound MCP server definitions.

Open dossier 		Archestra MCP Platform

AGPL-licensed MCP-native platform with a private MCP registry, MCP gateway, Kubernetes MCP orchestrator, access control, credential resolution, observability, and deterministic tool guardrails for shared AI deployments.

Open dossier
Trust
Install riskReview firstReview first
Notes Safety Privacy Safety Privacy
Categorymcpmcp
Sourcesource-backedsource-backed
AuthorOpenClawarchestra-ai
Added2026-06-182026-06-06
Platforms
Claude CodeCodexCursorClaude Desktop
Claude CodeClaude Desktop
Source repo
Safety notes`messages_send` can send text back through an existing OpenClaw channel route, so confirm the target conversation before approving replies. `permissions_respond` can resolve exec or plugin approval requests observed while the bridge is connected. The live event queue and Claude channel notifications exist only while the MCP bridge session is connected; use transcript reads for older history. Remote Gateway URLs, token files, and password files should be treated as secrets and scoped to trusted machines. OpenClaw channel safety remains controlled by the underlying Gateway, pairing policy, sender allowlists, and sandbox settings.Archestra is a platform/control-plane entry, not a single-purpose local MCP helper; admins can expose many MCP servers, agents, tools, and credentials through one gateway. The upstream quickstart mounts the host Docker socket so the platform can run MCP servers; treat that as highly privileged host access and avoid using it on sensitive machines without isolation. Self-hosted MCP servers may run as Kubernetes workloads with injected environment variables, secrets, images, network policies, and restart controls. Tool assignments, gateway visibility, credential resolution, custom headers, and load-tools-on-demand settings should be reviewed per team and environment. Deterministic tool guardrails can reduce some unsafe tool chains, but they depend on correct policies and do not make untrusted MCP servers safe by default.
Privacy notesRouted conversation titles, transcript history, non-text message metadata, sender identifiers, account IDs, thread IDs, and live inbound events may be exposed to the MCP client and model. Approval request details can reveal command text, plugin names, paths, or operational intent while the bridge is connected. MCP client logs, transcript exports, and model prompts may retain OpenClaw conversation content outside the Gateway. Do not paste Gateway tokens, password file contents, channel credentials, or MCP server secrets into prompts, public issues, screenshots, or committed config.MCP server definitions, tool schemas, gateway tokens, upstream credentials, OAuth tokens, API keys, custom headers, logs, traces, and tool results may be stored or processed by the platform. Built-in observability, LLM proxy, chat, agents, and policy features can reveal prompts, tool arguments, tool outputs, token usage, user identities, team membership, and trace metadata. Registry entries and installations can use personal, team-scoped, or shared credentials; choose the narrowest scope that matches the use case. When external MCP clients call an Archestra gateway, downstream tool results can still be sent by the MCP client to the configured model provider.
Prerequisites
  • OpenClaw CLI installed from npm and a working OpenClaw Gateway.
  • An MCP client such as Claude Code, Codex, Claude Desktop, or another stdio-capable host.
  • Existing OpenClaw session route metadata for conversations you want exposed through MCP.
  • Gateway token or password files when connecting to a remote OpenClaw Gateway.
  • Docker for local evaluation, or Kubernetes and Helm/Terraform-style deployment planning for production use.
  • Organization policy for which MCP servers, credentials, teams, environments, and external network destinations may be exposed.
  • LLM provider keys or local model configuration if using Archestra's built-in chat, agents, or LLM proxy features.
  • Admin review of the quickstart container command before mounting the Docker socket.
Install
npm install -g openclaw@latest
docker pull archestra/platform:latest
Config
{
  "mcpServers": {
    "openclaw": {
      "command": "openclaw",
      "args": ["mcp", "serve"]
    }
  }
}
{
  "mcpServers": {
    "archestra": {
      "url": "LOCAL_ARCHESTRA_MCP_GATEWAY_URL",
      "headers": {
        "Authorization": "Bearer ARCHESTRA_GATEWAY_TOKEN"
      }
    }
  }
}
Citations
ClaimUnclaimedUnclaimed

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.