Security audit
CleanShot Tool
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed CleanShot control plugin that can capture, record, OCR, and optionally upload screen content when invoked, but I found no hidden persistence, credential access, arbitrary shell execution, or unrelated data exfiltration.
Install only if you want OpenClaw agents to be able to control CleanShot X. Avoid invoking capture, OCR, recording, or upload tools while secrets, private messages, regulated data, or sensitive documents are visible. Be especially careful with the upload action if CleanShot Cloud is enabled, and do not use the unsafe-install bypass unless you have reviewed the source and understand why OpenClaw flagged child_process.
VirusTotal
61/61 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
