Deploy a secure AI agent environment on Oracle Cloud Free Tier with:
- WhatsApp integration for messaging
- Email support via Himalaya
- OpenRouter LLM (Claude, GPT-4, etc.)
- Execwall command governance
| Mode | Security | Use Case |
|---|---|---|
| Standard (recommended) | Execwall REPL policy enforcement | WhatsApp + Email + OpenRouter |
| Seccomp | Execwall + kernel syscall filtering | High-security environments |
This guide covers the Standard deployment.
```
                        Internet
                            │
                            ▼
┌───────────────────────────────────────────────────────────────┐
│  Oracle Cloud VM (Free Tier)                                  │
│  ARM64 Ampere A1 - 4 CPU, 24GB RAM                            │
│                                                               │
│  ┌─────────────────────────────────────────────────────────┐  │
│  │  OpenClaw Gateway (Node.js)                             │  │
│  │  • WhatsApp Web integration                             │  │
│  │  • LLM API calls (OpenRouter)                           │  │
│  │  • Email via Himalaya                                   │  │
│  │  • SHELL=/usr/local/bin/execwall-shell                  │  │
│  └────────────────────────┬────────────────────────────────┘  │
│                           │                                   │
│                           ▼                                   │
│  ┌─────────────────────────────────────────────────────────┐  │
│  │  execwall-shell (--quiet mode)                          │  │
│  │  • Policy-enforced command execution                    │  │
│  │  • Rate limiting                                        │  │
│  │  • Audit logging                                        │  │
│  │  • Clean output (no banner noise)                       │  │
│  └─────────────────────────────────────────────────────────┘  │
│                                                               │
│  Services: openclaw.service (systemd)                         │
│  Config: /etc/execwall/policy.yaml                            │
│  Logs: /var/log/execwall/audit.jsonl                          │
│                                                               │
└───────────────────────────────────────────────────────────────┘
```
- Oracle Cloud account (Free Tier eligible)
- SSH key pair for VM access
- WhatsApp account for bot integration (optional)
- LLM API key (Gemini, OpenRouter, etc.)

1. Log in to Oracle Cloud Console
2. Create a Compute Instance:
   - Shape: `VM.Standard.A1.Flex` (ARM64, Free Tier)
   - OCPUs: 4 (Free Tier allows up to 4)
   - Memory: 24 GB (Free Tier allows up to 24)
   - Image: Oracle Linux 9 or Ubuntu 22.04
   - Boot Volume: 100 GB (Free Tier)
3. Configure networking:
   - Create VCN with public subnet
   - Allow ingress on port 22 (SSH)
4. Add your SSH public key

SSH into your VM and run:

```bash
# Install everything (Execwall, OpenClaw, Himalaya)
curl -sSL https://raw.githubusercontent.com/sundarsub/execwall/main/scripts/install-oracle-cloud.sh | sudo bash
```

Or with pre-configured credentials:

```bash
# Set credentials as environment variables
export OPENROUTER_API_KEY="sk-or-v1-your-key-here"
export GMAIL_ADDRESS="your-email@gmail.com"
export GMAIL_APP_PASSWORD="xxxx xxxx xxxx xxxx"  # Gmail app password
# Run installer
curl -sSL https://raw.githubusercontent.com/sundarsub/execwall/main/scripts/install-oracle-cloud.sh | sudo -E bash
```

```bash
# Start with Execwall (quiet mode - no banner noise)
openclaw-start
# Or use systemd service
sudo systemctl start openclaw
sudo systemctl enable openclaw  # Start on boot
```

When OpenClaw starts, a QR code appears. Scan it with WhatsApp mobile:

- Open WhatsApp on your phone
- Go to Settings → Linked Devices
- Tap "Link a Device"
- Scan the QR code

```bash
# Send a test email
email "recipient@example.com" "Test Subject" "Hello from Execwall!"
```

If pre-built binaries don't work (GLIBC issues), build from source:

```bash
export BUILD_FROM_SOURCE=1
curl -sSL https://raw.githubusercontent.com/sundarsub/execwall/main/scripts/install-oracle-cloud.sh | sudo -E bash
```

| Component | Path | Description |
|---|---|---|
| `execwall` | `/usr/local/bin/execwall` | Execution governance REPL (supports `--quiet`) |
| `execwall-shell` | `/usr/local/bin/execwall-shell` | SHELL wrapper with quiet mode |
| `email` | `/usr/local/bin/email` | Send email to any recipient |
| `send-email` | `/usr/local/bin/send-email` | Simple email helper script |
| `himalaya` | `/usr/local/bin/himalaya` | CLI email client (IMAP/SMTP) |
| `openclaw` | `/usr/bin/openclaw` | AI agent gateway (npm global) |
| `openclaw-start` | `/usr/local/bin/openclaw-start` | Start OpenClaw with Execwall |
| `openclaw-status` | `/usr/local/bin/openclaw-status` | Check service status |
| `policy.yaml` | `/etc/execwall/policy.yaml` | Execution policy rules |

For OpenClaw gateway process - allows subprocess spawning but blocks dangerous syscalls:

```yaml
seccomp_profiles:
  gateway:
    default: allow
    deny_dangerous:
      - ptrace
      - mount
      - bpf
      - kexec_load
      - reboot
      - init_module
```

For sandboxed code execution with WhatsApp network access:

```yaml
seccomp_profiles:
  whatsapp_agent:
    extends: base_restricted
    allow:
      - socket
      - connect
      - sendto
      - recvfrom
    network_policy:
      allow_outbound:
        - "*.whatsapp.net:443"
        - "*.whatsapp.com:443"
```

For maximum isolation - no network, no spawn:

```yaml
seccomp_profiles:
  isolated_agent:
    extends: base_restricted
    deny:
      - socket
      - connect
```

Execwall REPL enforces policy on all commands:

```
[execwall:enforce]$ ls -la
total 48
drwxr-xr-x 5 opc opc 4096 Feb 24 10:00 .
...
[execwall:enforce]$ rm -rf /
[X] DENIED: rm -rf /
    Rule: block_rm_rf_root
    Reason: Recursive deletion of root filesystem is blocked
[execwall:enforce]$ sudo su
[X] DENIED: sudo su
    Rule: block_sudo
    Reason: Privilege escalation via sudo is blocked
```

Python code executes in an isolated sandbox:

```python
# This runs in python_runner with:
# - Namespace isolation (mount, PID, network)
# - Seccomp syscall filtering
# - Cgroup resource limits (512MB RAM, 30s timeout)
import math
print(f"Pi = {math.pi}")  # Works
import subprocess
subprocess.run(["ls"])  # BLOCKED by seccomp
```

```bash
# Real-time audit log
tail -f /var/log/execwall/audit.jsonl | jq .
# Filter denied commands
grep '"decision":"denied"' /var/log/execwall/audit.jsonl | jq .
```

```bash
# OpenClaw processes
ps aux | grep openclaw
# Execwall status
systemctl status openclaw-firewall
```

```bash
# Memory and CPU
htop
# Disk usage
df -h
```

```bash
# Check if ports are in use
ss -tlnp | grep 18789
# Kill existing processes
pkill -9 openclaw
# Check logs
journalctl -u openclaw-firewall -n 50
```

```bash
# Check WhatsApp logs
tail -f /tmp/openclaw/openclaw-*.log | grep whatsapp
# Re-authenticate
rm -rf ~/.openclaw/whatsapp/
openclaw gateway  # Scan new QR code
```

```bash
# List available profiles
openclaw_launcher --list-profiles
# Use development profile (less restrictive)
openclaw_launcher --seccomp-profile development ...
# Or disable seccomp (NOT recommended for production)
openclaw_launcher --no-seccomp ...
```

```bash
# Check which rule is blocking
execwall --verbose
# Test command evaluation
echo "your-command" | execwall --policy /etc/execwall/policy.yaml
# Edit policy
sudo vim /etc/execwall/policy.yaml
```

```bash
# Update Execwall components
curl -sSL https://raw.githubusercontent.com/sundarsub/execwall/main/scripts/install-oracle-cloud.sh | sudo bash
# Update OpenClaw
sudo npm update -g openclaw
```

```bash
# Stop services
sudo systemctl stop openclaw-firewall
sudo systemctl disable openclaw-firewall
# Remove binaries
sudo rm -f /usr/local/bin/execwall
sudo rm -f /usr/local/bin/openclaw_launcher
sudo rm -f /usr/local/bin/execwall-shell
sudo rm -rf /usr/lib/execwall/
# Remove config
sudo rm -rf /etc/execwall/
# Remove OpenClaw
sudo npm uninstall -g openclaw
rm -rf ~/.openclaw/
```

- API Keys: Store API keys in environment variables, not in config files
- Firewall: Only expose necessary ports (22 for SSH, optionally 18789)
- Updates: Regularly update Execwall and OpenClaw for security patches
- Audit Logs: Monitor `/var/log/execwall/audit.jsonl` for suspicious activity
- WhatsApp: Use a dedicated phone number for the bot
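
For the audit-log monitoring recommended above, this added example (not part of Execwall or this guide's scripts) parses `audit.jsonl` records as JSON instead of matching text, counts denials per rule, flags bursts of denials, and counts unparsable lines. Only the `decision` key and its `denied` value come from this guide; the `ts`, `command` and `rule` field names and the sample records are assumptions constructed for illustration.

```python
import json
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample records. Only the "decision" key and "denied" value come
# from the page; the "ts", "command" and "rule" field names are assumptions.
SAMPLE_LOG = """\
{"ts":"2025-02-24T10:00:01Z","decision":"allowed","command":"ls -la"}
{"ts":"2025-02-24T10:00:05Z","decision":"denied","command":"rm -rf /","rule":"block_rm_rf_root"}
{"ts": "2025-02-24T10:00:07Z", "decision": "denied", "command": "sudo su", "rule": "block_sudo"}
{"ts": "2025-02-24T10:00:09Z", "decision": "denied", "command": "sudo -i", "rule": "block_sudo"}
{"ts":"2025-02-24T10:09:30Z","decision":"den
"""


def parse_audit(text):
    """Return (entries, malformed_count) for JSONL text."""
    entries, malformed = [], 0
    for line in filter(str.strip, text.splitlines()):
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            malformed += 1  # truncated or tampered record: surface it
            continue
        if isinstance(obj, dict):
            entries.append(obj)
    return entries, malformed


def denied(entries):
    return [e for e in entries if e.get("decision") == "denied"]


def denied_by_rule(entries):
    return Counter(e.get("rule", "unknown") for e in denied(entries))


def denial_bursts(entries, window=timedelta(seconds=60), threshold=3):
    """Start times of windows that hold at least `threshold` denials."""
    times = sorted(datetime.fromisoformat(e["ts"].replace("Z", "+00:00"))
                   for e in denied(entries) if "ts" in e)
    return [t for i, t in enumerate(times)
            if sum(u - t <= window for u in times[i:]) >= threshold]


if __name__ == "__main__":
    entries, bad = parse_audit(SAMPLE_LOG)
    print(dict(denied_by_rule(entries)), "malformed:", bad)
    print("bursts:", denial_bursts(entries))
```

Because each record is parsed as JSON, matching does not depend on whitespace in the serialized line: a text search for `"decision":"denied"` finds one of the three denied sample records, while the parser finds all three.
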
| Resource | Free Tier Allowance | Usage |
|---|---|---|
| Compute | 4 ARM OCPUs, 24GB RAM | Full allocation |
| Storage | 200GB boot volume | 100GB used |
| Network | 10TB/month outbound | Minimal for WhatsApp |
| Total | $0/month | Within free tier |
- GitHub Issues: https://github.com/sundarsub/execwall/issues
- Email: execwall@gmail.com