diff --git a/docs/start/onboarding.md b/docs/start/onboarding.md index 679ab059f45..dfa058af545 100644 --- a/docs/start/onboarding.md +++ b/docs/start/onboarding.md @@ -34,6 +34,7 @@ Security trust model: - By default, OpenClaw is a personal agent: one trusted operator boundary. - Shared/multi-user setups require lock-down (split trust boundaries, keep tool access minimal, and follow [Security](/gateway/security)). + @@ -50,9 +51,11 @@ Where does the **Gateway** run? **Gateway auth tip:** + - The wizard now generates a **token** even for loopback, so local WS clients must authenticate. - If you disable auth, any local process can connect; use that only on fully trusted machines. - Use a **token** for multi‑machine access or non‑loopback binds. +
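Review bot: the first hunk (@@ -34,6 +34,7 @@) changes nothing except a blank line added after the "Shared/multi-user setups require lock-down" bullet, so the reason for it should be stated in the commit message. If it is there to satisfy a markdown rule about blank lines around lists, say so, which also makes it clear to later readers that the security trust model wording itself was not touched.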
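Review bot: the second hunk (@@ -50,9 +51,11 @@) is a formatting pass over the Gateway auth tip list, yet the bullets it frames still use a non-ASCII hyphen in "multi‑machine" and "non‑loopback" while the first hunk's "multi-user" uses a plain "-". Suggest normalising these to ASCII hyphens in the same change so a search for "non-loopback" finds this guidance. Also consider dropping "now" from "The wizard now generates a **token** even for loopback", since the word will go stale once the behaviour is no longer new.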