Back to plugin

Security audit

OpenClaw AI Video Editor

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-editing plugin, but the packaged runtime uses undocumented legacy API environment variables while sending user edit requests and project data to a remote backend.

Review before installing. Use it only if you are comfortable sending prompts, media references, project IDs, and scene data to the configured video-editing backend. Verify the actual runtime environment variables before use, and prefer requirePlanApproval or explicit confirmation for edits that change or export user content.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:17
Evidence
const raw = String(process.env.ADSCENE_API_URL || '').replace(/\/+$/, '');

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
index.ts:48
Evidence
process.env.LEVEA_API_URL || process.env.ADSCENE_API_URL || ''