Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- dist/cli.js:3523
- Evidence
nextDb.exec("PRAGMA journal_mode=WAL;");
Security audit
Security checks across malware telemetry and agentic risk
This plugin appears purpose-built for Mnemospark wallet and cloud storage workflows, but it automatically changes OpenClaw execution policy and handles wallet/private-key/payment actions with too little runtime user control.
Install only if you are comfortable with a plugin that can start a local proxy, use or create an EVM wallet key, interact with Mnemospark backend services, upload/download/delete stored data, settle payments, and modify OpenClaw agent/exec-approval configuration. Review the automatic runbook behavior, consider setting MNEMOSPARK_DISABLE_OPENCLAW_PREREQ=1 if you do not want config mutation, and avoid wallet export unless you can protect terminal output and logs.
65/65 vendors flagged this plugin as clean.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal
nextDb.exec("PRAGMA journal_mode=WAL;");nextDb.exec("PRAGMA journal_mode=WAL;");const syncResult = spawnSync(process.execPath, [syncScript], {const envPort = process.env.MNEMOSPARK_PROXY_PORT;
const envPort = process.env.MNEMOSPARK_PROXY_PORT;
privateKey: [REDACTED],
privateKey: [REDACTED],