🚨 PSA🚨 If you deployed an OpenClaw agent using DigitalOcean's 1-Click image it ships with an open file server on port 8080 that exposes your entire /root directory to the internet = not good! No auth. Private keys, API keys, configs are all publicly readable. My agent's FC wallet was drained because of this. It was a small amount, I caught it fast and everything has been rotated. But yikes! Reported to both OpenClaw and DigitalOcean.