
Security audit

Native OS Keychain

Security checks across malware telemetry and agentic risk

Overview

This package provides an OpenClaw secret resolver backed by the operating system keychain. Its code is coherent with that stated purpose, with no evidence of hidden network access or unrelated behavior.

This is reasonable to install if you want OpenClaw to resolve secrets from your OS keychain. Treat the CLI carefully: avoid passing real secrets as command-line arguments, since shell history and the process list (`ps`) can capture them; avoid printing secrets to the terminal unless you need to; and delete or rotate any plaintext .env files once migration is complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The README instructs users to retrieve a secret with `ckg get` and notes that it prints the raw value, but it does not warn that displaying secrets on stdout can expose them via terminal scrollback, shell history when copied into commands, process pipelines, CI logs, or screen recording. In a secret-management tool, omission of this warning meaningfully increases the chance of accidental disclosure even if the functionality itself is legitimate.

Missing User Warnings

Severity: Low
Confidence: 86%
Finding
The bulk import example documents migration from `~/.openclaw/.env` but does not warn that this source file contains plaintext secrets on disk during the migration window. That omission can mislead users into believing the migration flow is risk-free, delaying cleanup of the plaintext file or encouraging insecure handling of legacy secrets.
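The safer migration path that the overview and both findings call for, as an added example; this is not code from the plugin, from OpenClaw, or from this audit. It assumes a hypothetical `ckg set <NAME>` subcommand that reads the secret value from stdin (the page only shows `ckg get`, so substitute the plugin's real import command). Values never appear in argv or on stdout, the source file must be mode 600 before anything is read, and the plaintext file is removed as soon as the last key is stored.

```shell
#!/bin/sh
# Added example (not the plugin's code): migrate KEY=VALUE lines from a plaintext
# .env file into the OS keychain without exposing values via argv, shell history,
# the process list, or the terminal.
#
# ASSUMPTION: `ckg set NAME` stores the value read from stdin. The real CLI on the
# audited page only documents `ckg get`; replace this with the actual import command.

# List only the key names in a .env file, never the values, so the user can review
# what will be migrated without echoing secrets. Skips blank lines and comments and
# tolerates an optional leading "export ".
env_keys() {
    grep -Ev '^[[:space:]]*(#|$)' "$1" \
        | sed -E 's/^[[:space:]]*(export[[:space:]]+)?//; s/=.*$//'
}

# Print the value for one key ($2) from file ($1). Only the first match is used,
# text before the first "=" is the key, and one pair of matching double or single
# quotes is stripped. Output is meant to be piped, not shown on a terminal.
env_value() {
    grep -E "^[[:space:]]*(export[[:space:]]+)?$2=" "$1" | head -n 1 \
        | sed -E 's/^[^=]*=//' \
        | sed -E 's/^"(.*)"$/\1/' \
        | sed -E "s/^'(.*)'\$/\1/"
}

# Migrate every key in a .env file into the keychain, then destroy the plaintext file.
migrate_env() {
    file=$1

    # The file holds plaintext secrets for the whole migration window; refuse to touch
    # it if other users can read it. GNU stat (-c) first, BSD/macOS stat (-f) as fallback.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file" 2>/dev/null)
    case $mode in
        600|400) ;;
        *) echo "refusing: $file has mode '$mode', expected 600" >&2; return 1 ;;
    esac

    for key in $(env_keys "$file"); do
        # printf is a shell builtin and the value travels through a pipe, so it never
        # becomes a process argument visible in `ps` or recorded in shell history.
        # Command substitution also drops the trailing newline from env_value.
        printf '%s' "$(env_value "$file" "$key")" | ckg set "$key" || {
            echo "failed to store $key; leaving $file in place" >&2
            return 1
        }
        echo "stored $key"   # name only, never the value
    done

    # Close the exposure window: overwrite-and-unlink where shred exists, else unlink.
    if command -v shred >/dev/null 2>&1; then
        shred -u "$file"
    else
        rm -f "$file"
    fi
}

# Usage (after `chmod 600 ~/.openclaw/.env`):
#   env_keys ~/.openclaw/.env     # review what will move, values stay hidden
#   migrate_env ~/.openclaw/.env  # store each key, then remove the plaintext file
```

The mode check is deliberately strict: a migration script that happily reads a world-readable `.env` would silently bless the exact exposure the finding describes. If the keychain import fails part-way, the file is left intact so the user can retry rather than lose secrets; rotate any value that was stored before the failure if you suspect it was exposed.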

VirusTotal

61/61 vendors reported this plugin as clean.

View on VirusTotal