Back to plugin

Security audit

QNAIGC API

Security checks across malware telemetry and agentic risk

Overview

This plugin is internally consistent: it registers an OpenClaw provider that uses a single QNAIGC API key and contains no extraneous installs, files, or unexpected credential requests.

This plugin appears to do what it claims: enable QNAIGC models via an API key. Before installing, confirm you trust the QNAIGC service and where you obtain the key (README points to qiniu.com while the plugin talks to https://anthropic.qnaigc.com). Only provide a key with the minimum needed permissions, consider using a dedicated/rotatable key, and remove it if you no longer use the plugin. Because the agent can call installed providers autonomously (normal behavior), only install providers you trust.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.