Back to plugin

Security audit

Proactive Trigger Plugin

Security checks across malware telemetry and agentic risk

Overview

The plugin's code, configuration schema, and runtime instructions are consistent with a chat-trigger/embedded-agent engine; it requests no unrelated credentials or installs and its behavior is explainable by the stated purpose.

This plugin is a local trigger engine that will monitor incoming group/channel messages and launch embedded agent runs according to rules stored in ~/.openclaw/openclaw.json. Before enabling it: 1) review and constrain rules so expensive or destructive automations require deterministic gates (chatTypes, requireMention, mustContain) rather than broad semantic intent; 2) restrict toolsAllow (avoid enabling tools that can perform external actions unless you trust them); 3) keep disableMessageTool=true for background tasks you don't want to produce messages, and be cautious with useCurrentSessionContext or allowGatewaySubagentBinding if you don't want automatic reply-binding or gateway-level actions; 4) inspect the persisted config file and rule management commands to ensure unauthorized users cannot add rules in chat. These steps mitigate the primary risk: automated embedded agent runs performing actions you didn't intend.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.