Back to plugin

Security audit

CortexMem

Security checks across malware telemetry and agentic risk

Overview

CortexMem is a plausible memory plugin, but it deserves review because it auto-saves and reinjects user content by default, logs prompt snippets to a hard-coded path, and has install/source identity ambiguities.

Install only if you intentionally want persistent local memory for your agent. Before using it, verify the correct package/repository, consider disabling autoSave or autoInject, review where memories and logs are stored, and avoid storing secrets or sensitive conversations unless you have a clear deletion and retention plan.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.install_untrusted_source

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
openclaw.plugin.json:40
Evidence
"default": "http://127.0.0.1:9721",