Back to plugin

Security audit

Agent Runtime Guard

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real local runtime security plugin, but it needs Review because it has broad agent hooks, persistent audit logging, and under-disclosed sensitive-data and setup-script risks.

Install only if you are comfortable giving this plugin broad control over OpenClaw runtime decisions and letting it inspect agent messages/tool inputs and write local audit logs. Review the audit path and retained fields, avoid running the prepare-speckit scripts unless you understand the Git and remote-code effects, and prefer a version that fixes the redaction/minimization mismatches and removes the execution-policy-bypass guidance.

VirusTotal

64/64 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.