Security audit
Cortex Memory
Security checks across malware telemetry and agentic risk
Overview
Cortex Memory appears to be a coherent long-term memory plugin, but it persists conversation history and its CLI may print API-key-bearing configuration without redaction.
Install this only if you want OpenClaw to maintain cross-session memory. Use environment variables rather than literal API keys, do not share status/config output, review or disable automatic sync if you do not want old conversations imported, and configure only trusted embedding or LLM endpoints.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
