Back to plugin

Security audit

TangleClaw Google OAuth

Security checks across malware telemetry and agentic risk

Overview

This plugin gives an OpenClaw agent broad Google Workspace access, but the access is clearly disclosed, purpose-aligned, and gated by user-directed OAuth setup and skill instructions.

Install only if you are comfortable giving an agent access to a real Google account. Prefer a dedicated Google account, share only the files or folders it needs, protect the local credential and token files, and revoke the Google OAuth grant if you stop using the plugin.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
tiers: call them only for the token-refresh flow described at the bottom, and
never volunteer a re-auth the user didn't ask about.

## Rule zero: never narrate, always re-call

Every tool below performs a real network call against Google. The underlying data **changes between turns** — new mail arrives, the user adds calendar events, files appear in shared folders, sheet cells update. When the user asks anything like "do you see it now / what's new / did it arrive / what changed", **call the tool again from scratch**. Never reuse a previous tool result as the answer to a fresh question. Never say "let me check" without then immediately calling the relevant tool — those words must be followed by an actual tool invocation in the same turn.
Confidence
84% confidence
Finding
call Every tool

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.