Back to plugin

Security audit

Openclaw Plugin

Security checks across malware telemetry and agentic risk

Overview

This plugin is transparent about Kubernetes and optional SSH operations, but it gives an agent broad infrastructure control without strong built-in scoping or confirmations.

Install only if you are comfortable letting an agent operate against the clusters and SSH hosts exposed by your configuration. Use a least-privilege kubeconfig or service account, avoid production cluster-admin credentials, restrict namespaces where possible, prefer SSH keys over passwords, and review @k8s-ops/core before relying on this for production operations.

VirusTotal

65/65 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.