Security audit
ClawXRouter
Security checks across malware telemetry and agentic risk
Overview
The plugin's code, prompts, and config are coherent with its stated purpose (a local privacy-aware routing/proxy + local detector); it requests no extra env credentials and its behaviors (writing ~/.openclaw, starting a localhost proxy, using agent model/provider config) are expected for this functionality, though you should review local proxy/network trust and prompt usage before enabling.
This plugin appears to do what it says: run local detectors, run a local privacy proxy on localhost, and route requests to configured cloud providers. Before installing: 1) review your agent's provider configuration (api.config) because the plugin will read/route requests using provider baseUrls/apiKeys stored there — ensure you trust the plugin with those in-memory values; 2) confirm the proxy binds only to localhost (127.0.0.1) and that you’re comfortable with an on-device HTTP proxy that forwards to third-party endpoints; 3) inspect the included prompts (prompts/detection-system.md and token-saver-judge.md) if you want to verify what local models are told to do (they force strict JSON outputs); 4) check the plugin's config file (~/.openclaw/clawxrouter.json) and defaults to make sure S2/S3 rules and path lists match your policy (the rules mention ~/.ssh, ~/.aws, etc. as sensitive paths); and 5) if any of the truncated source files or runtime behaviors are critical for your security posture, review the remaining source before enabling for production. If you lack the ability to audit the full source, consider running the plugin in an isolated environment first.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
