An IRC interface for OpenClaw, enabling access to Claude AI through standard IRC clients.
- Minimal attack surface - No browser, no JavaScript supply chain, no WebSocket complexity
- Mature protocol - Decades of stability, well-understood security model
- Universal client support - Works with any IRC client on any platform
- Simple access control - Firewall at Layer 3, authenticate via VPN if needed
This project is part of a broader philosophy of securing self-hosted AI services through simplicity rather than complexity. See the KISS Security for OpenClaw whitepaper for the full rationale.
- SASL PLAIN authentication over TLS (recommended)
- Auto-join configured channels
- Send/receive messages (channels and DMs)
- Mention detection (@botname)
- Message chunking for IRC's message length limits
- Reconnection with exponential backoff
- Message sanitization (strips IRC formatting/control characters)
- CTCP ACTION support (/me messages)
- Multi-account support
- Comprehensive test suite
- OpenClaw instance
- IRC server (public like Libera.Chat, or self-hosted)
- Anthropic API key configured in OpenClaw
# Copy to OpenClaw extensions directory
cp -r . ~/.openclaw/extensions/irc
cd ~/.openclaw/extensions/irc
npm install --productionopenclaw plugins install @openclaw/ircAdd to ~/.openclaw/openclaw.json:
{
"channels": {
"irc": {
"enabled": true,
"server": "irc.libera.chat",
"port": 6697,
"ssl": true,
"nickname": "openclaw",
"username": "openclaw",
"realname": "OpenClaw IRC Agent",
"sasl": {
"username": "openclaw",
"password": "your-password"
},
"channels": ["#your-channel"],
"dm": {
"policy": "pairing",
"allowFrom": []
},
"groupPolicy": "allowlist",
"groups": {
"#your-channel": {
"users": ["*"]
}
}
}
}
}See docs/installation.md for detailed configuration options.
This plugin is designed to be deployed behind network-layer security controls:
- Firewall inbound - Permit only authorized source IPs
- VPN for remote access - Authenticate at the network layer with MFA
- Egress filtering - Restrict outbound to required destinations only
- No exposed authentication endpoints - The service is simply unreachable to attackers
For detailed security guidance, see KISS Security for OpenClaw.
The tools/ directory contains helper scripts:
openclaw-tunnel.sh- SSH tunnel launcher for secure remote accessopenclaw.desktop- Linux desktop entry for PWA-style accessopenclaw-icon.png- Application icon
# Install dependencies
npm install
# Build
npm run build
# Run tests
npm test
# Run tests with coverage
npm run test:coverageContributions welcome. Please read CONTRIBUTING.md first.
MIT License - see LICENSE