Back to plugin

Security audit

OpenClaw TUI Notify

Security checks across malware telemetry and agentic risk

Overview

This appears to do what it claims—send local macOS notifications for OpenClaw TUI replies when Ghostty is unfocused—without unrelated credential requests or external endpoints, though its metadata under-declares its local tool requirements.

This plugin looks internally coherent: it needs local process execution because it checks the active macOS app and invokes terminal-notifier. Before installing, make sure you actually want an OpenClaw plugin that can observe assistant-message metadata and short reply previews for notification purposes. If you enable debug mode, local logs may include session keys, titles, and short message snippets. Because the provided index.ts artifact was truncated, reviewing the full source from the repository would increase confidence.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
index.ts:316
Evidence
execFile(

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
notify-if-away.mjs:39
Evidence
return execFileSync(command, args, {