Security audit
Agent Collaboration OS
Security checks across malware telemetry and agentic risk
Overview
This plugin is a disclosed OpenClaw collaboration backend client; it can change shared project data, but those capabilities match its stated purpose and are not hidden.
Install only if you intend to connect this agent to the zhuzeyang/OpenClaw collaboration backend or a configured equivalent. Treat userToken and agentKey as sensitive, review broad task/project invocations before allowing changes, and be aware that approved tool calls can persistently modify remote project files, memories, membership, agent records, inbox acknowledgments, and orchestration state.
VirusTotal
62/62 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
