Back to plugin

Security audit

OctoGlyphs

Security checks across malware telemetry and agentic risk

Overview

The plugin is mostly a local OctoGlyphs companion game, but it subscribes to a message hook that its own documentation says should be forbidden for privacy reasons.

Review before installing if your OpenClaw sessions may contain sensitive prompts or private work. The plugin appears designed to send only sanitized metadata to a local companion, but it currently subscribes to `message_received`, which its own documentation identifies as a forbidden content-bearing hook. Ask the publisher to remove that hook or clearly document why it is safe before using it on confidential projects.

VirusTotal

62/62 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.