Security audit
Cron Hook
Security checks across malware telemetry and agentic risk
Overview
This plugin appears to do what it claims: run user-configured scripts to gate or replace scheduled OpenClaw model runs.
This appears internally coherent, but install it only if you want OpenClaw to run local scripts on cron or heartbeat events. Configure narrow match rules, point it only at scripts you trust, and be careful with logOutput because script stdout/stderr may include sensitive data. Remember that configured scripts can inherit OpenClaw's environment, so they may see credentials already available to the OpenClaw process.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
