Back to plugin

Security audit

memory-braid

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real memory plugin that captures and recalls user memories, with no obvious unrelated permissions, but users should understand it can store conversation-derived memories and may use external AI services if configured.

Install this only if you want a plugin that can remember selected information across sessions. Review its configuration before enabling cloud/ML features, because captured memory text may be stored in Mem0 and optional OpenAI-based extraction can send text to OpenAI when configured. The main transparency caveat is that the registry declares no environment variables even though optional external-provider features may use API keys.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.destructive_delete_command, suspicious.env_credential_access, suspicious.exposed_secret_literal

Documentation contains a destructive delete command without an explicit confirmation gate.

Warn
Code
suspicious.destructive_delete_command
Location
README.md:88
Evidence
rm -rf ~/.openclaw/memory-braid

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
src/entities.ts:45
Evidence
process.env.OPENCLAW_STATE_DIR?.trim() ||

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
src/extract.ts:253
Evidence
const key = process.env.OPENAI_API_KEY;

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
src/mem0-client.ts:532
Evidence
const apiKey = [REDACTED]?.trim() || process.env.MEM0_API_KEY;