MoClaw claw guide

Moltworker

Cloudflare's project is an open-source proof of concept for running OpenClaw inside a Cloudflare Sandbox container. It is not a formal managed SaaS product, and Cloudflare says it is experimental, unsupported, and may break without notice.

The project combines a Worker entrypoint, a sandboxed OpenClaw container, an administration interface, authentication through Cloudflare Access, optional persistent storage, and optional browser and model-routing services.

Quick answer: This is a self-deployed Cloudflare architecture for OpenClaw, not an all-in-one hosted assistant subscription. It can remain available in the cloud, but the user must deploy, secure, fund, and maintain the stack.

Who this is for

Non-technical professionals, solopreneurs, and lean teams who want recurring browser, file, research, and monitoring workflows without self-hosting OpenClaw, configuring a server, or keeping a personal computer awake.

Moltworker hero image

What Is Moltworker? A Cloudflare Self-Deployment Pattern

The search phrase “managed hosting” can be misleading here. The project uses managed Cloudflare infrastructure, but the user deploys and operates the application in their own Cloudflare account. It is not a supported Cloudflare-hosted OpenClaw service with a dedicated customer plan.

Its architecture has several parts:

ComponentFunction
Worker entrypointRoutes requests between the user, admin interface, and sandbox
Cloudflare SandboxRuns the standard OpenClaw Gateway inside a container
Cloudflare AccessProtects administrative endpoints and validates identity
Device pairingRequires approval before a new client can use the Gateway
R2 storageOptionally preserves configuration and conversation data across restarts
Browser RenderingOptionally gives OpenClaw a remote headless-browser path
AI GatewayOptionally routes model traffic and centralizes usage visibility

This is a cloud deployment of OpenClaw rather than a new agent runtime. OpenClaw provides the assistant, workspace, skills, conversations, and channels; the Cloudflare project provides the hosting adaptation.

Moltworker Cost Stack: Workers, Sandbox, R2 & Models

There is no standalone Moltworker pricing plan. The deployment requires a paid Workers plan for Sandbox containers, and usage can generate separate container, storage, network, logging, browser, and model costs.

The total depends on choices such as:

  • Container size and how long it stays awake
  • Active CPU use and provisioned resources
  • Whether persistent storage is enabled
  • Browser Rendering usage
  • Worker, Durable Object, and network activity
  • Model provider and token consumption
  • Log volume and retention

Do not reduce this to “OpenClaw hosting for the base Workers subscription.” The official repository's own estimate shows that continuous container operation can cost materially more than the plan fee, and actual usage varies.

Sleeping the container can reduce compute costs, but the next request may have a noticeable cold start. Budget caps also need to account for model and platform services separately.

Source note: This section summarizes public pages available at review time. A missing public workflow or architecture detail is treated as a public evidence gap to verify with the provider, not as proof that the feature is unavailable.

Moltworker Setup Burden, Cloudflare Access & Model Keys

Moltworker packages OpenClaw's Control UI and documented Telegram, Discord, and Slack paths. Channel support still depends on the packaged OpenClaw version, required tokens, and correct policy configuration.

Setup is not one click in the SaaS sense. The operator must:

  • Create the Cloudflare deployment and required bindings.
  • Add model credentials or configure AI Gateway billing.
  • Generate and store a Gateway token.
  • Enable Cloudflare Access for the administration interface.
  • Pair each new device.
  • Configure R2 if state must survive container restarts.
  • Add channel credentials and optional browser settings.
  • Monitor costs, backups, logs, and upstream compatibility.

BYOK is supported through direct model credentials or Cloudflare AI Gateway configuration. The repository currently documents an Anthropic path most directly, while AI Gateway can provide broader routing options. Avoid claiming that every OpenClaw provider works automatically without configuration.

Source note: This section summarizes public pages available at review time. A missing public workflow or architecture detail is treated as a public evidence gap to verify with the provider, not as proof that the feature is unavailable.

Moltworker Public Evidence to Verify for Production Use

The OpenClaw process runs inside a Cloudflare Sandbox container, but the full deployment is tied to Cloudflare Workers, Access, Sandbox APIs, and optional R2, Browser Rendering, and AI Gateway services.

This creates both benefits and constraints:

BenefitConstraint
Isolated cloud containerRequires Cloudflare-specific deployment and billing
Cloud authentication layerAccess policies and secrets must be configured correctly
Optional persistent backupData is ephemeral without R2 credentials
Optional sleeping containerWake-up delay after inactivity
Remote browser capabilityAdditional service configuration and usage
OpenClaw in the cloudUpstream changes can break an unsupported proof of concept

Calling the design “serverless OpenClaw” hides the container. The Worker is the entrypoint, while the agent runs in a provisioned Sandbox container with memory, CPU, disk, and lifecycle behavior.

The project also requires Cloudflare Access and device pairing for the Control UI. Development mode can bypass those controls and should not be presented as appropriate for an internet-facing deployment.

Source note: This section summarizes public pages available at review time. A missing public workflow or architecture detail is treated as a public evidence gap to verify with the provider, not as proof that the feature is unavailable.

Moltworker vs MoClaw When You Do Not Want to Operate Infra

Moltworker is a build-it-yourself cloud deployment. MoClaw is a managed cloud AI computer intended for users who want to assign work rather than assemble the hosting stack.

Disclosure: We make MoClaw. Cloudflare's project is described from its official repository and engineering post.

AreaMoltworkerMoClaw
Service modelExperimental open-source deployment recipeManaged cloud AI computer
Agent runtimeOpenClaw in a Cloudflare SandboxProvider-managed assistant environment
SetupCloudflare project, secrets, Access, storage, and channelsAccount and supported workflow configuration
PersistenceOptional R2 backup and restoreManaged environment storage behavior
Browser workOptional Browser Rendering integrationSupported browser capability in the cloud computer
SchedulingOpenClaw schedules while the container is availableManaged schedules designed for persistent operation
MaintenanceUser tracks Cloudflare and OpenClaw changesProvider manages the underlying environment

Choose Moltworker when learning or controlling the Cloudflare architecture is part of the goal. Choose MoClaw when browser, file, skill, and scheduled work matter more than operating the infrastructure.

Security Questions: Access Policies, Pairing & Secrets

Sandboxing reduces direct host exposure, but cloud security still depends on identity, secrets, network routes, storage, and application configuration.

For Moltworker, the official setup expects:

  • Cloudflare Access protecting administrative endpoints
  • A Gateway token for remote Control UI access
  • Explicit device pairing
  • Separate secrets for channels and browser access
  • R2 credentials if persistence is enabled
  • Development bypasses kept away from public deployments

A local OpenClaw host has a different risk profile. It may expose personal files, browser sessions, or network resources available on that machine. The Cloudflare container separates the agent from a personal computer, but it places sensitive state and service configuration in a cloud account.

Neither model is automatically safer for every task. Minimize connected accounts, use dedicated credentials, and review what a skill or browser session can reach.

Source note: This section summarizes public pages available at review time. A missing public workflow or architecture detail is treated as a public evidence gap to verify with the provider, not as proof that the feature is unavailable.

Questions

Can I Move an Existing OpenClaw Workspace to Moltworker?

Potentially, but migration should follow the current repository's storage and restore guidance. Back up the workspace first and do not assume local paths, browser sessions, or every plugin will transfer unchanged.

Does Moltworker Support OpenClaw Skills?

It runs OpenClaw and includes a Cloudflare browser skill. Other skills depend on their packages, binaries, network access, credentials, and compatibility with the sandbox image.

Can I Set a Single Budget Cap?

Not necessarily. Platform resources and model usage may be billed through different services. Configure alerts and limits wherever the chosen Cloudflare and model-provider accounts support them.

Is Moltworker Production-Supported by Cloudflare?

No. Cloudflare calls it an experimental proof of concept, not a Cloudflare product, and warns that it may break without notice. It should not be marketed as a production-supported managed service.

Moltworker is useful for experimenting with OpenClaw on Cloudflare infrastructure. Its strongest limitation is also its defining feature: the operator owns a multi-service Cloudflare deployment rather than receiving a complete hosted assistant.

Review the official Cloudflare repository Read Cloudflare's Moltworker announcement Explore MoClaw use cases See how MoClaw works

Want a claw without the setup?

MoClaw is a hosted cloud claw — OpenClaw-style automation, always on, with no Docker, VPS, or server to babysit. Bring your own key.