Back to plugin

Security audit

OpenClaw Middleware Suite

Security checks across malware telemetry and agentic risk

Overview

The suite’s purpose is coherent, but it is a high-privilege auto-start plugin whose executable code is not present in the reviewed artifacts and whose “nothing leaves your machine” claim is too broad for its documented routing and notification features.

Before installing, inspect the actual npm package or source build that provides the dist entrypoints, then review the dashboard/CLI settings for model routing, PII sanitization, approval notifications, and startup activation. Do not rely on the “nothing leaves your machine” wording without confirming the provider and notification configuration.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.