cove

v1.0.3

Chain of Verification (CoVe) — fact-check your responses against the user's knowledge base, memory, and web search before presenting them.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The plugin declares and implements functionality to extract claims and verify them against local workspace files, agent memory (including a memory SQLite DB), optional vector stores, and optional Brave web search. Required bits (node runtime, optional LLM API keys or sidecar proxy, optional Brave key, vector store URL) are consistent with that purpose. Plugin metadata, code, and README consistently describe these capabilities.
Instruction Scope
SKILL.md and plugin.json explicitly state the skill reads ~/.openclaw/workspace/, ~/.openclaw/workspace/memory/, and ~/.openclaw/memory/main.sqlite — the implementation follows that and also collects top-level .md/.txt files from the .openclaw root and any user-configured document_paths. This is coherent with verification needs, but two points to be aware of: (1) the code uses a heuristic parser to extract printable text from the SQLite file (readMemoryDb) rather than using sqlite bindings; that will scan the binary DB for printable strings and could pull any long text stored there; (2) USAGE.md/README text and code caps (per-file and aggregate context caps) are applied, but install instructions suggest copying binaries into system paths (e.g., /usr/local/bin) which requires admin rights — installation is manual and not auto-run by the skill itself.
Install Mechanism
There is no automated installer in the registry spec (instruction-only install). The repo contains a CLI and README with copy/clone instructions; no remote downloads, URL shorteners, or extract-from-untrusted-URL installs are present. The plugin claims zero npm dependencies and uses only Node built-ins, which matches package.json. Installation guidance suggests copying files to system locations, which is normal but requires privilege and user consent.
Credentials
Requested environment variables are proportional: either a direct LLM API key (GEMINI/ANTHROPIC/OPENAI or COVE_LLM_API_KEY) or use of the local sidecar (OPENCLAW_PROXY_PORT / SIDECAR_PROXY_KEY). BRAVE_API_KEY is optional and only required for web search. Vector-store URL/api_key are optional and only used if configured. There is a small metadata mismatch: the registry summary showed 'required env vars: none' while plugin.json & SKILL.md indicate one-of GEMINI/ANTHROPIC/OPENAI (or sidecar) — this is a documentation/metadata inconsistency but not a functional red flag.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills' configs. It can be invoked autonomously by the agent (default platform behavior), but auto_verify is opt-in in config. The plugin logs to stdout (captured by OpenClaw) and can be configured to auto-correct responses; these are expected behaviours for a verification skill. No persistent backdoor or privilege escalation is present.
Assessment
This plugin appears to do what it says: it reads your OpenClaw workspace and agent memory, optionally queries a vector DB and Brave Search, and calls an LLM (either via direct API keys or the local sidecar) to verify claims. Before installing, consider:
1) review and consent to the directories it will read (~/.openclaw/workspace/, ~/.openclaw/workspace/memory/, ~/.openclaw/memory/main.sqlite and any paths you add to document_paths);
2) prefer using the local sidecar proxy if you do not want to supply direct LLM API keys to the plugin;
3) if you enable web search or a remote vector store, those network endpoints and API keys will be used; verify and limit them as needed;
4) the plugin extracts printable text from the SQLite memory DB using a heuristic parser (not a sqlite binding); if your DB contains sensitive blobs or large binary artifacts, review that behavior first; and
5) installation instructions suggest copying files to system locations (/usr/local/bin), which requires admin rights; perform the copy only if you trust the code and review the source (it is included).
If you want extra assurance, run the included tests in a non-sensitive environment and inspect the cove source files for any changes before enabling auto_verify.

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

Clawdis
Bins: node
