Security audit
OpenClaw Operations Bundle
Security checks across malware telemetry and agentic risk
Overview
This appears to be a legitimate OpenClaw operations bundle, but its manual installer has a path/provenance problem and creates scheduled jobs, so it should be reviewed before use.
Review and preferably fix openclaw-install.sh before running the manual installer. If you install it, inspect the created cron jobs, keep backups before repair/reset commands, and explicitly approve any command that reads or changes secrets, sessions, channels, plugins, or OpenClaw configuration.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
