Frequently Asked Questions

What is BreachClaw?

BreachClaw is a security monitoring tool that scans the open internet for leaked credentials associated with the AI ecosystem. Enter your email to check if it appears in any publicly exposed files.

What credentials does BreachClaw detect?

Anything you might pass to an AI tool or agent — API keys, access tokens, passwords, and config files. For example: API keys for Claude or ChatGPT, credentials stored in OpenClaw agent configs, webhook URLs, and more. If it was typed into or stored by an AI tool and ended up in a public file, BreachClaw is looking for it.

What sources does it scan?

BreachClaw scans the open internet, including code repositories like GitHub and GitLab, paste sites, search engine indexes, and other public sources. If it's publicly accessible, it may be in scope.

What should I do if there is a match?

Reset your credentials and rotate the affected API keys immediately. If the leaked credentials were used with any AI services or agents, revoke and reissue them from the relevant provider's dashboard.

What is the relationship to OpenClaw?

BreachClaw is an independent, complementary tool built for the OpenClaw community. We are not affiliated with OpenClaw. Breaches involving OpenClaw-related credentials are not a reflection of OpenClaw's security or quality — they are a side effect of how people use and store credentials when working with AI software. BreachClaw exists to help that community stay safe.