Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- index.js:1478
- Evidence
const list = execSync('openclaw cron list --json 2>/dev/null', { encoding: 'utf8' });
Security audit
Security checks across malware telemetry and agentic risk
OpenClaw Shield appears purpose-built for security monitoring, but it deserves review because it includes automatic install/update code paths and sends monitoring data to an external Shield service.
Install only if you intend to run a background security-monitoring integration. Before enabling it, review the publisher and update mechanism, consider setting autoUpdate to `notify-only` or `false`, keep redaction enabled, try dry-run mode first, and protect the local Shield credential files.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
const list = execSync('openclaw cron list --json 2>/dev/null', { encoding: 'utf8' });