Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- openclaw_compat.js:74
- Evidence
const result = spawnSync(command[0], command.slice(1), {
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a disclosed bridge plugin for Mai that runs the local Mai Python CLI and can use optional hosted-registry credentials, so users should only point it at a trusted Mai checkout and registry.
Install this only if you intend to use the Mai shopping/registry workflow. Verify that the Mai skill checkout and projectRoot/MAI_ROOT are trusted, configure registryUrl and MAI_API_KEY only for a registry you trust, and review any catalog, order, push, or registry-order action before letting the agent proceed.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
const result = spawnSync(command[0], command.slice(1), {