Install source points to URL shortener or raw IP.
Warn
- Code
- suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:40
- Evidence
"default": "http://127.0.0.1:9721",
Security audit
Security checks across malware telemetry and agentic risk
CortexMem is a plausible memory plugin, but it deserves review because it auto-saves and reinjects user content by default, logs prompt snippets to a hard-coded path, and has install/source identity ambiguities.
Install only if you intentionally want persistent local memory for your agent. Before using it, verify the correct package/repository, consider disabling autoSave or autoInject, review where memories and logs are stored, and avoid storing secrets or sensitive conversations unless you have a clear deletion and retention plan.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.install_untrusted_source
"default": "http://127.0.0.1:9721",