Back to plugin

Security audit

KaiporaLabs OpenClaw Observability

Security checks across malware telemetry and agentic risk

Overview

This appears to do what it claims: it records OpenClaw tool/model activity and exports it to a file or webhook that the user configures.

This looks internally coherent, but observability plugins can capture sensitive prompts, tool inputs, tool outputs, errors, and session metadata. Only enable the file exporter to a location you control, and only enable the webhook exporter with an endpoint you trust. Review the redaction keys and disable hooks you do not need, especially session or agent lifecycle hooks if your sessions may contain private data.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.