Plur Claw Publish
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent persistent-memory plugin, but it can run setup during install, persistently enable itself, and configure an unpinned MCP server outside the reviewed package.
Before installing, review the setup behavior, consider installing with npm lifecycle scripts disabled, inspect any changes to ~/.openclaw/openclaw.json, pin or remove the @plur-ai/mcp npx server, and decide whether auto-learning and auto-capture are appropriate for your conversations.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may recall, learn, and capture memories without asking each time.
The skill's memory prompt changes the agent's default behavior toward proactive memory-tool use. This is purpose-aligned, but it affects user control over when memory is used.
Do not ask permission to use these tools — they are your memory system.\n\nUse these tools proactively, not just when asked:
Install only if you want proactive memory behavior, and disable or edit memory settings if you prefer per-use approval.
Installing the package can execute code before the user explicitly enables or reviews the plugin configuration.
Installers that honor npm lifecycle scripts can run this setup code automatically during installation, with stderr suppressed and failures ignored.
"postinstall": "node dist/setup.js 2>/dev/null || true"
Install with lifecycle scripts disabled if possible, inspect the setup code, and run setup manually only after reviewing the intended config changes.
If an OpenClaw config already exists, the plugin may become persistently enabled across future sessions.
The setup code can write the OpenClaw config to enable this plugin and set it as the memory slot, creating persistent agent behavior.
entries[PLUGIN_ID] = nextEntry; ... slots.memory = PLUGIN_ID; ... writeFileSync(path, JSON.stringify(cfg, null, 2) + "\n", "utf8");
After installation, inspect ~/.openclaw/openclaw.json or OPENCLAW_HOME/openclaw.json and remove the plur-claw entry if it was not intentionally enabled.
OpenClaw may later start an unreviewed or changed version of @plur-ai/mcp as part of the agent environment.
Setup adds an MCP server that can later run an unpinned npm package via npx -y, meaning code outside the reviewed artifact set may be downloaded or executed.
servers.plur = { command: "npx", args: ["-y", "@plur-ai/mcp"], env: { PLUR_PATH: plurPath } };
Require explicit approval before adding this MCP server, pin the exact @plur-ai/mcp version, and review that package separately.
Private, stale, or incorrect conversation details may persist and influence future sessions.
The plugin defaults to automatically creating persistent memories and episodic summaries from conversations, which is central to its purpose but sensitive.
"auto_learn": { "type": "boolean", "default": true, "description": "Auto-extract learnings from conversations" }, ... "auto_capture": { "type": "boolean", "default": true, "description": "Auto-capture episodic summaries" }
Review where PLUR stores data, disable auto_learn or auto_capture if unwanted, and periodically inspect or delete stored memories.
