Back to plugin

Security audit

AWS Bedrock Auth

Security checks across malware telemetry and agentic risk

Overview

This skill appears to perform the advertised AWS Bedrock MFA login, but it needs AWS credentials/CLI access and stores a temporary AWS session locally.

Before installing, confirm you want this skill to authenticate to AWS Bedrock using your configured AWS role, ensure the role is least-privileged, keep the local session file protected, and be aware that setting BEDROCK_DEFAULT_MODEL lets the command persistently switch OpenClaw's default model.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
src/aws-auth.ts:17
Evidence
execFile(cmd, args, { timeout: timeoutMs, env: { ...process.env, ...env } }, (err, stdout, stderr) => {