Back to plugin

Security audit

Humanclaw

Security checks across malware telemetry and agentic risk

Overview

HumanClaw is internally consistent with its stated purpose (a manual, copy/paste 'human-in-the-loop' provider) and does not request unexpected credentials or privileged install behavior, but installing it will add plugin code and pull normal npm dependencies and the workflow intentionally sends prompts to third-party chatbots (which can expose sensitive content).

HumanClaw implements an explicit manual workflow: prompts produced by OpenClaw are shown in your gateway terminal and you must copy them into a third-party chatbot and paste the response back. That means any sensitive data in prompts (API keys, PII, secrets, private documents, source code) will be shared with whatever chatbot you paste into. Before installing: 1) Review the plugin source (src/index.ts, src/console-channel.ts) if you can — the package includes executable code and will pull npm dependencies. 2) Avoid using HumanClaw for prompts containing secrets or private data; prefer local models or masked prompts if necessary. 3) Expect npm dependencies to be installed (transitive packages shown in pnpm-lock.yaml); run installs in a controlled environment if you are cautious. 4) If you want zero-network assurance, do not paste prompts into cloud chatbots; instead run a local model and paste to that. Overall the skill appears to do what it claims (benign), but be mindful of deliberate user-driven data sharing to third-party services.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.