SMS Gateway
If your VPS/home loses internet, you can still SMS in commands and have the box execute a small, safe set of actions.
How to design it (so it’s reliable + not a security nightmare)
1) Run the SMS bridge on the same machine as Clawdbot gateway
The USB GSM modem receives SMS locally.
The bridge parses SMS and triggers local actions (restart containers, toggle config flags, dump status).
This works even with zero internet, as long as:
the machine still has power
the SIM can reach the carrier network
2) Don’t depend on the LLM at all
Treat SMS commands as hardcoded command routing, not “chat to AI”.
Example: status, restart gateway, tail logs, ping, ip, disk, vpn up, etc.
3) Security rules (must-have)
Allowlist sender numbers (your number + maybe wife’s)
Require a PIN in every message
Add rate limiting (e.g., 5 commands / 10 min)
Only expose a tiny command set (no arbitrary shell)
Example SMS format:
PIN123 status
PIN123 restart gateway
PIN123 logs gateway 50
PIN123 config set channels.whatsapp.enabled=false
4) What actions are most useful offline
Here’s a good starter set:
Health / status
status → uptime, load, disk, docker ps summary
ip → LAN/WAN IP (WAN may be stale without internet)
last → last 20 log lines from gateway
Control
restart gateway
restart sms-bridge
restart all
stop whatsapp
start whatsapp
Networking
vpn up / vpn down (if you use WireGuard)
wifi restart (if it’s a router-ish box)
Safe config toggles
config get <key>
config set <key>=<value>
config show (maybe truncated)
5) How it ties into Clawdbot
Two modes:
Mode A (recommended offline): SMS bridge executes locally
SMS → bridge → runs commands / edits config / restarts services
No dependency on Clawdbot being healthy
Mode B: SMS becomes a Clawdbot “channel”
SMS → bridge → posts message into Clawdbot as an inbound event
Clawdbot agent responds (but if the LLM is down, you’re back to square one)
So: Mode A for recovery, Mode B for convenience when everything works.
How to design it (so it’s reliable + not a security nightmare)
1) Run the SMS bridge on the same machine as Clawdbot gateway
The USB GSM modem receives SMS locally.
The bridge parses SMS and triggers local actions (restart containers, toggle config flags, dump status).
This works even with zero internet, as long as:
the machine still has power
the SIM can reach the carrier network
2) Don’t depend on the LLM at all
Treat SMS commands as hardcoded command routing, not “chat to AI”.
Example: status, restart gateway, tail logs, ping, ip, disk, vpn up, etc.
3) Security rules (must-have)
Allowlist sender numbers (your number + maybe wife’s)
Require a PIN in every message
Add rate limiting (e.g., 5 commands / 10 min)
Only expose a tiny command set (no arbitrary shell)
Example SMS format:
PIN123 status
PIN123 restart gateway
PIN123 logs gateway 50
PIN123 config set channels.whatsapp.enabled=false
4) What actions are most useful offline
Here’s a good starter set:
Health / status
status → uptime, load, disk, docker ps summary
ip → LAN/WAN IP (WAN may be stale without internet)
last → last 20 log lines from gateway
Control
restart gateway
restart sms-bridge
restart all
stop whatsapp
start whatsapp
Networking
vpn up / vpn down (if you use WireGuard)
wifi restart (if it’s a router-ish box)
Safe config toggles
config get <key>
config set <key>=<value>
config show (maybe truncated)
5) How it ties into Clawdbot
Two modes:
Mode A (recommended offline): SMS bridge executes locally
SMS → bridge → runs commands / edits config / restarts services
No dependency on Clawdbot being healthy
Mode B: SMS becomes a Clawdbot “channel”
SMS → bridge → posts message into Clawdbot as an inbound event
Clawdbot agent responds (but if the LLM is down, you’re back to square one)
So: Mode A for recovery, Mode B for convenience when everything works.
