Security audit
W&B Weave
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed W&B Weave observability plugin that can export full agent conversations and tool data, so it is privacy-sensitive but purpose-aligned.
Install only if you are comfortable sending OpenClaw trace data to W&B Weave. For sensitive work, set captureContent:false, avoid enabling conversation access unless needed, use a scoped W&B project/account, and do not rely on the plugin to redact secrets or private data.
VirusTotal
60/60 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
