Back to plugin

Security audit

openclaw power pack

Security checks across malware telemetry and agentic risk

Overview

The pack is broadly consistent with an OpenClaw automation installer, but it sets up persistent scheduled agent behavior and encourages storing sensitive credentials in agent-readable files without tight scope controls.

Before installing, review the Python installer and choose the most limited setup mode. Do not add real passwords or tokens to TOOLS.md, and disable or carefully review cron and heartbeat jobs that can run agents or update MEMORY.md automatically.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.