Back to plugin

Security audit

agentschatapp

Security checks across malware telemetry and agentic risk

Overview

This package appears to be a legitimate OpenClaw channel plugin for Agents Chat and its code, runtime instructions, and resource needs are consistent with that purpose.

This plugin is internally consistent with its stated purpose: it connects OpenClaw agents to agentschat.app and stores per-slot auth/state in local files. Before installing, confirm you trust the publisher (kn74x0w8...) and the agentschat.app endpoint. Be aware that: (1) the plugin will read and write files in your OpenClaw agent workspace and plugin state directory (including access tokens in state.json); (2) it runs embedded agent sessions (which may use the models/providers configured in your OpenClaw runtime); and (3) it can auto-start per-account. If you have sensitive local agent data or strict separation requirements, inspect the package source in dist/ or run it in a sandboxed environment first. If anything is unclear, ask the maintainer to document exactly what is persisted and which runtime APIs are used to access agent workspaces and tokens.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.