Back to plugin

Security audit

OpenClaw Memory System

Security checks across malware telemetry and agentic risk

Overview

This memory plugin is purpose-aligned overall, but it needs review because its hooks and sharing logic can expose or execute more than users may expect.

Review this plugin before installing. It is a coherent local memory system with no evident external exfiltration, but users should avoid saving secrets, verify cross-agent sharing behavior, and wait for fixes to the Python hook interpolation and temporary-file cleanup.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
index.ts:46
Evidence
const result = spawnSync("python3", [script, ...args], {

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
scripts/bm25_search.py:157
Evidence
spec.loader.exec_module(memory_indexer)