This is a defensive safety plugin, but it reads local session history and can send recent conversation content plus flagged tool details to an LLM provider without tight session scoping or clear disclosure.
Review before installing, especially on shared systems or environments with secrets in chats. Use it only if you are comfortable with it reading OpenClaw session files and sending selected user-message context plus flagged command/path details to your configured LLM provider. Prefer a version that binds context to the active session, redacts or minimizes prompt data, clearly documents provider data flow, and fixes the package path/tsconfig inconsistencies.