Security Hardening

Moltbot can execute tools. Lock it down before you expose it to the internet.

Restrict who can talk to the bot

Use allow lists for channel IDs:

channels:
  telegram:
    allowFrom:
      - 123456789

Lock down the gateway

Always set a gateway auth token and avoid binding publicly without it.

Container sandboxing

Run with read-only mounts and minimal privileges:

docker run --read-only \
  --cap-drop ALL \
  -v ~/.moltbot:/home/moltbot/.moltbot \
  <image>
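
To confirm a running container actually has these settings, you can audit the output of `docker inspect`. The script below is an added example, not part of Moltbot: `audit_container`, `writable_ok` and the sample JSON are constructed for illustration, while the field names are the ones `docker inspect` emits. It also goes slightly beyond the two flags above by flagging `--privileged` and capabilities added back with `--cap-add`.

```python
import json

# Constructed sample: trimmed `docker inspect <container>` output for a container
# started with --read-only and --cap-drop ALL plus the one writable bind mount.
SAMPLE_INSPECT = json.dumps([{
    "Name": "/moltbot",
    "HostConfig": {"ReadonlyRootfs": True, "CapDrop": ["ALL"], "CapAdd": None,
                   "Privileged": False},
    "Mounts": [{"Type": "bind", "Source": "/home/user/.moltbot",
                "Destination": "/home/moltbot/.moltbot", "RW": True}],
}])


def audit_container(inspect_json, writable_ok=("/home/moltbot/.moltbot",)):
    """Return hardening findings for each container in `docker inspect` JSON.

    writable_ok (hypothetical parameter) lists the mount destinations that
    are allowed to be writable; every other mount is expected to be read-only.
    """
    findings = []
    for c in json.loads(inspect_json):
        name = c.get("Name", "?").lstrip("/")
        host = c.get("HostConfig") or {}
        if not host.get("ReadonlyRootfs"):
            findings.append(f"{name}: root filesystem is writable (no --read-only)")
        dropped = {cap.upper() for cap in host.get("CapDrop") or []}
        if "ALL" not in dropped:
            findings.append(f"{name}: capabilities not dropped (no --cap-drop ALL)")
        for cap in host.get("CapAdd") or []:
            findings.append(f"{name}: capability added back: {cap}")
        if host.get("Privileged"):
            findings.append(f"{name}: runs with --privileged")
        for m in c.get("Mounts") or []:
            dest = m.get("Destination", "")
            if m.get("RW") and dest not in writable_ok:
                findings.append(f"{name}: unexpected writable mount at {dest}")
    return findings


if __name__ == "__main__":
    # In practice, feed it the real output: docker inspect <container> > inspect.json
    for line in audit_container(SAMPLE_INSPECT) or ["no findings"]:
        print(line)
```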

Block dangerous commands

Disable destructive tools or add command allow lists in your config.