Security audit
DefenseClaw Security
Security checks across malware telemetry and agentic risk
Overview
This appears to be a security plugin that does what it says, but it intentionally gets broad visibility into LLM traffic, tool calls, and related credentials routed through DefenseClaw.
Install this only if you trust DefenseClaw and the configured gateway. By design, it may inspect prompts, responses, tool invocations, target URLs, and possibly LLM provider authorization material so traffic can be scanned and proxied. If you configure a remote sidecar or gateway, treat that as sending sensitive AI-agent activity off-machine. Also note that the registry metadata does not list the optional token/env variables documented by the plugin, so review those settings before enabling it.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
