Back to plugin

Security audit

灵枢AutoBrain

Security checks across malware telemetry and agentic risk

Overview

This package mostly does what it advertises, but it installs a broad autonomous agent layer with persistent scheduled jobs, workspace-wide scans, code execution, and file-moving cleanup behavior that needs careful review before use.

Review this carefully before installing. It is not flagged as malicious, but installing it means allowing a community package to run code during bootstrap, deploy many Python engines into your OpenClaw workspace, scan and index local memory/skills/configuration, register recurring jobs, and perform automatic cleanup/archival actions. Use it only in a workspace where you are comfortable with persistent automation, and verify how to disable cron jobs, remove state files, and prevent remote embedding use before enabling it on sensitive data.

VirusTotal

59/59 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
index.js:47
Evidence
daemonProcess = execFile(PYTHON, [daemonScript, "--daemon"], {