Back to plugin

Security audit

MoltGuard

Security checks across malware telemetry and agentic risk

Overview

Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions, system-prompt-override, unicode-control-chars); human review is required before treating this skill as clean.

Install MoltGuard only if you want a security gateway with broad visibility into OpenClaw activity. After installing, review the local gateway setting, Core API URL, API key handling, autoscan setting, and dashboard logs, especially before using it with confidential workspaces. ClawScan detected prompt-injection indicators (ignore-previous-instructions, system-prompt-override, unicode-control-chars), so this skill requires review even though the model response was benign.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.destructive_delete_command, suspicious.dynamic_code_execution (+2 more)

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dashboard-dist/api/index.js:889
Evidence
var match = FIRST_CHAR_REGEXP.exec(str)

Documentation contains a destructive delete command without an explicit confirmation gate.

Warn
Code
suspicious.destructive_delete_command
Location
README.md:244
Evidence
rm -rf ~/.openclaw/credentials/moltguard

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
dashboard-dist/api/index.js:4212
Evidence
var deprecatedfn = new Function('fn', 'log', 'deprecate', 'message', 'site',

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dashboard-dist/api/573.index.js:219
Evidence
const apiKey = [REDACTED]();

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dashboard-dist/api/67.index.js:9435
Evidence
const password = [REDACTED];

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dashboard-dist/api/678.index.js:2711
Evidence
password: [REDACTED](urlObj.password),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dashboard-dist/api/index.js:23288
Evidence
const bearerToken = [REDACTED]?.replace("Bearer ", "");

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dist/agent/config.js:85
Evidence
apiKey: [REDACTED],

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dist/index.js:351
Evidence
apiKey: [REDACTED]?.apiKey ?? "",

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
README.md:119
Evidence
- "Ignore previous instructions" patterns