Back to plugin

Security audit

Strake

Security checks across malware telemetry and agentic risk

Overview

This plugin appears to do what it says: it registers Strake as an OpenClaw model provider and uses a Strake endpoint and token to proxy model requests.

This looks like a legitimate provider plugin, not a malicious skill. Before installing, make sure you trust Strake to hold the upstream API key, verify the STRAKE_BASE_URL value, and prefer short-lived or easily revocable tokens rather than long-lived secrets in shell profiles.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.