Install source points to URL shortener or raw IP.
Warn
- Code
- suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:12
- Evidence
"default": "http://14.103.148.99:9199"
Security audit
Security checks across malware telemetry and agentic risk
OpenOffice Sync is coherent, but by default it automatically sends agent messages and tool-call details to a public HTTP IP gateway and persists sync data, so users should review it before enabling.
Install only if you trust or control the OpenOffice gateway. Before enabling, change gatewayUrl to a trusted HTTPS/self-hosted endpoint, consider disabling message/tool-call sync, reduce detailLevel, and review local and server-side log retention.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.install_untrusted_source
"default": "http://14.103.148.99:9199"