Back to plugin

Security audit

Package

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Q-Claw WMS/ERP plugin, but it should be reviewed because it runs code, uses a default HTTP test backend, stores auth state, requests broad execution authority, and can persistently sync local skills.

Install only if you trust this publisher and intend to connect Q-Claw to the listed WMS/ERP backend. Before use, prefer configuring an HTTPS backend, confirm the requested permissions, understand where auth state is stored, and consider disabling or closely reviewing managed-skill synchronization.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.