Back to plugin

Security audit

Agent Life

Security checks across malware telemetry and agentic risk

Overview

This plugin appears to support its advertised mobile dashboard purpose, but it also makes broad automatic OpenClaw configuration changes and enables remote/admin control paths that users should review carefully.

Install only if you want Agent Life to act as a remote mobile control surface for OpenClaw. Expect it to change OpenClaw configuration, bind the gateway for LAN access, create and manage agents/sessions, start a cloudflared tunnel after pairing, store device and tunnel secrets, and grant admin-capable device access. Review the AgentLife service and publisher trust before using it on a machine with sensitive agents, credentials, or workspaces.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.potential_exfiltration

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/index.js:36
Evidence
db.exec(FOLLOWUP_QUEUE_SCHEMA);

Sensitive-looking file read is paired with a network send.

Warn
Code
suspicious.potential_exfiltration
Location
dist/index.js:4211
Evidence
const tok = fs6.readFileSync(P.gatewayTokenFile, "utf-8").trim();