Security audit
Package
Security checks across malware telemetry and agentic risk
Overview
This appears to be a real Q-Claw WMS/ERP plugin, but it should be reviewed because it runs code, uses a default HTTP test backend, stores auth state, requests broad execution authority, and can persistently sync local skills.
Install only if you trust this publisher and intend to connect Q-Claw to the listed WMS/ERP backend. Before use, prefer configuring an HTTPS backend, confirm the requested permissions, understand where auth state is stored, and consider disabling or closely reviewing managed-skill synchronization.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
