Documentation contains a destructive delete command without an explicit confirmation gate.
Warn
- Code
- suspicious.destructive_delete_command
- Location
- README.md:303
- Evidence
rm -rf ~/.openclaw/extensions/gmail
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a Gmail/IMAP email plugin that asks for the kind of mail access and local file writing its description requires.
This plugin is coherent with its stated Gmail/IMAP purpose, but it is inherently powerful: if installed and enabled, your agent can read your mailbox, download attachments to disk, and potentially send or reply to emails if those tools are allowed. Only enable the specific tools you need, keep the default send confirmation enabled, and treat the Gmail app password like a real password.
62/62 vendors flagged this plugin as clean.
Detected: suspicious.destructive_delete_command
rm -rf ~/.openclaw/extensions/gmail