Security audit
OpenClaw Auth Wiper
Security checks across malware telemetry and agentic risk
Overview
The skill's code, instructions, and requested access are consistent with a local OpenClaw model-auth reset utility and do not request unrelated credentials or network access.
This appears to be a legitimate, narrowly scoped utility. Before running: 1) Always run the dry-run first (npx openclaw-auth-wiper --dry-run) and inspect the report. 2) Verify the backup folder (~/.openclaw/.auth-wiper-backups/<timestamp>) contains expected backups before applying. 3) Prefer running npx (or inspect the dist/ source) rather than blindly installing global packages. 4) Confirm you trust the publisher (Growthcircle.id) and your OpenClaw version compatibility. 5) Be cautious using --all-agents or --apply --yes on multi-user systems—this will affect every agent under the OpenClaw home. If you want extra assurance, review the dist/wiper.js transform functions in this repo locally to confirm the exact JSON fields that will be removed.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
