Back to plugin

Security audit

ClawMetry Plugin

Security checks across malware telemetry and agentic risk

Overview

ClawMetry appears to be a disclosed observability plugin, but it handles sensitive agent telemetry and can install a persistent local dashboard with optional cloud sync.

This skill is reasonable for local OpenClaw observability, but install it only if you are comfortable with a dashboard that can see agent sessions, memory/log data, and usage costs. Keep the host at 127.0.0.1 unless you need LAN access, avoid cloud sync unless you trust the ClawMetry cloud path, and review the external pip/curl installer before using the persistent service setup.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.