ClawXMemory
Security checks across malware telemetry and agentic risk
Overview
ClawXMemory is a coherent memory plugin, but it stores full conversations and appears to use environment-based credentials for network LLM extraction without clearly declaring that credential use.
Install only if you want OpenClaw conversations stored as persistent memory. Before enabling it, check which LLM provider credentials are available in your environment, keep the dashboard on 127.0.0.1, and adjust or disable full-session capture, auto-indexing, add, and recall if that is broader than you want.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
API keys or other environment secrets may be used to send memory-extraction requests to an external provider, and that credential pathway is not clearly visible in the declared install contract.
This shows the LLM extraction path can read an environment-named secret and use it in network activity, while the registry requirements list no required env vars, env var declarations, or primary credential.
Static scan at line 2013: "Environment variable access combined with network send"; code snippet: "process.env[configured]"
Declare the supported credential/env-var names and provider destinations, require explicit user configuration, and run the plugin only with narrowly scoped provider credentials.
Private conversation details may be stored in the local SQLite memory and later recalled into future agent context.
The plugin persists memory locally and defaults to capturing full sessions, including assistant messages; this is central to a memory plugin but means sensitive conversation context can be retained and reused.
Config snippet: "dataDir": { "description": "Base directory used to persist local memory data." }, "captureStrategy": ... "default": "full_session", "includeAssistant": { "default": true }
Review the configured data directory, use the clear/export controls carefully, and disable or narrow the capture/recall settings if you do not want broad persistent memory.
The plugin may continue updating and using memory without a manual indexing command each time.
Periodic indexing and automatic add/recall are enabled by default. This is disclosed and purpose-aligned, but it is background persistence that users should understand.
Config snippet: "autoIndexIntervalMinutes": { "type": "integer", "default": 60 }, "recallEnabled": { "default": true }, "addEnabled": { "default": true }
Set the auto-index interval to 0 or disable add/recall if you only want manual memory use.
Anyone with access to the local machine/session may be able to view the dashboard and inspect stored memory.
The plugin starts a local dashboard by default. It is bound to the loopback interface and described as read-only, but it can display stored memory data to any browser or process with local access.
Config snippet: "uiEnabled": { "default": true }, "uiHost": { "default": "127.0.0.1" }, "uiPort": { "default": 39393 }, "help": "Start local read-only dashboard server"
Keep the UI host bound to 127.0.0.1 and disable the dashboard if you do not need it.
