Back to plugin

Security audit

ClawFirewall

Security checks across malware telemetry and agentic risk

Overview

ClawFirewall's code, docs, and runtime behavior match its stated purpose as a local pre-call cost-and-token guard; it requests no external credentials or installs and contains no evidence of exfiltration.

This plugin appears to be what it claims: a local pre-call cost and token guard. Before installing: (1) keep debug disabled in production to avoid extra logging; (2) review any runtime code you integrate into your agent to confirm you only pass non-sensitive objects to the guard (the plugin redacts keys by name but will log whatever event object you give it when debug is on); (3) if you override model pricing ensure the overrides are correct for your billing; and (4) verify you are comfortable with a small npm dependency (zod). If you need stricter auditing, run the included tests and examine runtime logs locally with debug:true in a safe environment.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.