Security audit
SGA-MCTS Atoms
Security checks across malware telemetry and agentic risk
Overview
This skill appears to do what it says: it stores and retrieves OpenClaw session “atoms” locally using SQLite, without asking for credentials or contacting external services.
This looks internally coherent. Before installing, be aware that it will persist reusable text atoms from approved sessions in a local SQLite database and may surface them in future planning, so sensitive information included in those atoms could be reused later. If supply-chain provenance matters to you, verify the referenced GitHub repository and the npm dependency better-sqlite3.
VirusTotal
61/61 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
