Install source points to URL shortener or raw IP.
Warn
- Code
- suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:13
- Evidence
"default": "http://127.0.0.1:8010"
Security audit
Security checks across malware telemetry and agentic risk
The plugin’s purpose is coherent, but it needs a bearer token and delegates to file, terminal, SSH, and summary agents while the referenced executable plugin code is not included for review.
Review this plugin before installing. Confirm the package includes the actual reviewed dist/source files, use a least-privilege agent-service token, keep the service URLs local or trusted, and test with dryRun or skip flags before allowing it to run the full workflow.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.install_untrusted_source
"default": "http://127.0.0.1:8010"