Back to plugin

Security audit

Compresh

Security checks across malware telemetry and agentic risk

Overview

The package appears to be a legitimate ClawHub CLI/repository skill bundle whose sensitive actions are disclosed, user-directed, and aligned with install, publish, review, and moderation workflows.

Install only if you trust ClawHub/OpenClaw as a package registry and CLI provider. Be aware that logged-in installs report minimal install telemetry unless disabled, package publish/delete/transfer commands affect registry state, and review helpers may send code bundles to the selected AI reviewer provider.

VirusTotal

65/65 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.