Back to plugin

Security audit

EdgeOps

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate-looking EdgeOps administration plugin, but it gives an agent broad remote operations power, including SSH, remote file writes, prompt/config changes, and server-defined dynamic tools, without enough local guardrails shown in the package.

Install only if you trust the EdgeOps server configured by baseUrl and the operators who control its manifest. Use a least-privilege EdgeOps token, prefer a self-hosted or verified base URL, restrict which agents can use claw-ops, and review dynamic tools before allowing the agent to perform SSH, file-write, or prompt-update actions.

VirusTotal

65/65 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.