Back to plugin

Security audit

Stigmergy Scheduler

Security checks across malware telemetry and agentic risk

Overview

The plugin's code, instructions, and requirements are consistent with a pressure-field scheduler for OpenClaw and do not request unrelated credentials or perform unexpected network/exfiltration actions.

This plugin appears to do exactly what it claims: coordinate agents via an internal pressure field and dispatch subagent runs. Before installing: 1) review the repository (Production-Grade/stigmergy) and verify you trust the source; 2) do not include secrets or sensitive data in task descriptions or metadata because those strings are forwarded to subagent.run and stored in scheduler metrics; 3) consider installing in a staging environment first to observe behavior and logs; 4) if you expose OpenClaw gateway methods publicly, restrict access or remove/modify them to avoid leaking internal agent/task state; 5) note the plugin is marked enabledByDefault in its manifest — if you prefer manual enablement, change the config before starting.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.