Documentation contains a destructive delete command without an explicit confirmation gate.
- Code
- suspicious.destructive_delete_command
- Location
- README.md:88
- Evidence
rm -rf ~/.openclaw/memory-braid
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a real memory plugin that captures and recalls user memories, with no obvious unrelated permissions, but users should understand it can store conversation-derived memories and may use external AI services if configured.
Install this only if you want a plugin that can remember selected information across sessions. Review its configuration before enabling cloud/ML features, because captured memory text may be stored in Mem0 and optional OpenAI-based extraction can send text to OpenAI when configured. The main transparency caveat is that the registry declares no environment variables even though optional external-provider features may use API keys.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.destructive_delete_command, suspicious.env_credential_access, suspicious.exposed_secret_literal
rm -rf ~/.openclaw/memory-braid
process.env.OPENCLAW_STATE_DIR?.trim() ||
const key = process.env.OPENAI_API_KEY;
const apiKey = [REDACTED]?.trim() || process.env.MEM0_API_KEY;