Back to plugin

Security audit

@blasrodri/clawguard

Security checks across malware telemetry and agentic risk

Overview

ClawGuard’s budget and DLP behavior mostly matches its stated purpose, but it ships a setup helper that can directly grant OpenClaw operator privileges and clear pending approvals.

Review this carefully before installing. The governance features are plausible and VirusTotal/static scan were clean, but do not run any setup helper unless you intentionally want it to change OpenClaw device authorization files. If you install it, configure DLP/audit settings deliberately, check where audit and budget files are written, and avoid enabling webhook notifications unless you are comfortable sending budget/security event metadata to that URL.

VirusTotal

62/62 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.