Back to plugin

Security audit

Sigui Security

Security checks across malware telemetry and agentic risk

Overview

This plugin is purpose-aligned, but it forwards detailed transaction and session context to a Sigui backend and can block wallet actions, so users should review its data-sharing scope before installing.

Install only if you trust the configured Sigui backend and are comfortable sending wallet destinations, amounts, raw transaction parameters, and session identifiers to it. Prefer a self-hosted or vetted HTTPS endpoint, avoid placing secrets in tool parameters, and verify watchedTools is explicitly scoped before using this with agents that can move funds.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.install_untrusted_source

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
index.js:222
Evidence
const apiKey = process.env[config.apiKeyEnvVar];

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
openclaw.plugin.json:19
Evidence
"default": "http://127.0.0.1:8765"