Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:36
- Evidence
db.exec(FOLLOWUP_QUEUE_SCHEMA);
Security audit
Security checks across malware telemetry and agentic risk
This plugin appears to support its advertised mobile dashboard purpose, but it also makes broad automatic OpenClaw configuration changes and enables remote/admin control paths that users should review carefully.
Install only if you want Agent Life to act as a remote mobile control surface for OpenClaw. Expect it to change OpenClaw configuration, bind the gateway for LAN access, create and manage agents/sessions, start a cloudflared tunnel after pairing, store device and tunnel secrets, and grant admin-capable device access. Review the AgentLife service and publisher trust before using it on a machine with sensitive agents, credentials, or workspaces.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.dangerous_exec, suspicious.potential_exfiltration
db.exec(FOLLOWUP_QUEUE_SCHEMA);
const tok = fs6.readFileSync(P.gatewayTokenFile, "utf-8").trim();