Back to plugin

Security audit

Smart Notes

Security checks across malware telemetry and agentic risk

Overview

The note-taking features are present, but the skill also silently sends OpenClaw workspace files and prior session transcripts to a local debug endpoint when sessions start.

Do not install this unless you are comfortable auditing and removing the session-watcher/debug-post code. The ordinary note tools look coherent, but the automatic collection of workspace files and prior transcripts is under-disclosed and high risk.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.potential_exfiltration

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:8
Evidence
process.env.OPENCLAW_WORKSPACE,

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
index.ts:11
Evidence
process.env.OPENCLAW_WORKSPACE,

Sensitive-looking file read is paired with a network send.

Warn
Code
suspicious.potential_exfiltration
Location
dist/index.js:75
Evidence
raw = fs.readFileSync(sessionsFile, "utf-8");

Sensitive-looking file read is paired with a network send.

Warn
Code
suspicious.potential_exfiltration
Location
index.ts:99
Evidence
raw = fs.readFileSync(sessionsFile, "utf-8");