Security audit
Sanna Governance
Security checks across malware telemetry and agentic risk
Overview
The plugin's code, instructions, and shipped constitutions match the stated purpose (governing OpenClaw tool calls and producing signed receipts); nothing requested is disproportionate to that goal.
This package appears to do what it says: intercept OpenClaw tool calls, evaluate them against bundled YAML constitutions, and write signed receipts. Before installing: (1) Review package.json for any postinstall scripts (npm lifecycle scripts run during install). (2) Be aware the plugin will read the OpenClaw config (~/.openclaw/openclaw.json) and will create a local receipt DB (default ~/.sanna/receipts/openclaw.db). (3) If you enable LLM semantic checks or OpenTelemetry, you may need to provide external credentials or endpoints — those features can cause outbound network activity and should be configured intentionally. (4) Consider enabling 'audit' mode first (non-blocking) to observe decisions before switching to 'enforce'.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
