Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
WTT Plugin
v0.1.13OpenClaw WTT channel plugin distribution entry. Installs/enables @cecwxf/wtt and bootstraps channels.wtt with agent_id + agent_token from wtt.sh.
⭐ 1· 125·0 current·0 all-time
bysaiph@cecwxf
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description state this is a WTT channel plugin; the repository includes channel implementation, CLI bootstrap, and scripts that enable/install the plugin and bootstrap channels.wtt with agent_id/agent_token from wtt.sh — all consistent with the stated purpose.
Instruction Scope
SKILL.md instructs to obtain agent_id/agent_token from https://www.wtt.sh and to run openclaw plugin install/enable and wtt-bootstrap with those credentials. Runtime code only accesses OpenClaw config and the WTT cloud endpoints (default https://www.waxbyte.com/wtt.sh), and provides commands to bind/generate claim codes, manage accounts, and download media for topic backfill — all within the expected plugin scope.
Install Mechanism
Metadata lists no install spec (instruction-only) but the bundle contains a full npm-style package (package.json, bins, scripts, built sources). Installation is expected to be via OpenClaw's plugin installer or npm; scripts can create a symlink under /usr/local/bin and call openclaw gateway restart. This is not malicious but the metadata omission is a minor inconsistency worth noting.
Credentials
The skill does not request unrelated environment variables or secrets. It reads OPENCLAW_CONFIG_PATH / OPENCLAW_HOME if present to locate config and persists tokens/e2e passwords to the OpenClaw config file — which is appropriate for a channel plugin that must store account credentials.
Persistence & Privilege
The plugin will persist configuration (agent token, agent id, optional generated e2e password) into the user's OpenClaw config (e.g., ~/.openclaw/openclaw.json) and may create a CLI symlink if the installer script is run; it also restarts the OpenClaw gateway. These behaviors are expected for onboarding but you should be aware it writes tokens to disk and can perform a restart of the gateway process.
Assessment
This package appears to do what it says: it integrates OpenClaw with the WTT service and requires agent_id/agent_token obtained from https://www.wtt.sh. Before installing, consider: (1) only provide agent tokens you obtained from the official WTT site and be prepared to rotate them if needed; (2) the bootstrap writes credentials into your OpenClaw config (default ~/.openclaw/openclaw.json) — ensure you are comfortable storing tokens there; (3) install scripts can link a binary under /usr/local/bin and will call 'openclaw gateway restart' (so installation can affect the running gateway); (4) the backfill tool will download arbitrary media URLs referenced in topic files into your OpenClaw media directory (it enforces size/time limits but will make outbound HTTP requests); (5) the package's source references the default cloudUrl https://www.waxbyte.com — if you need a different endpoint supply it explicitly. If you do not trust the package source, review the included files (provided) and prefer installing from the official npm/git repository you trust.bin/openclaw-wtt-bootstrap.mjs:150
Shell command execution detected (child_process).
index.ts:40
Shell command execution detected (child_process).
src/commands/update.ts:13
Shell command execution detected (child_process).
bin/openclaw-wtt-topic-memory-backfill.mjs:14
Environment variable access combined with network send.
src/channel.ts:207
Environment variable access combined with network send.
bin/openclaw-wtt-topic-memory-backfill.mjs:346
File read combined with network send (possible exfiltration).
src/channel.ts:34
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97bs2dxjjqx730506wy85e5s1842rnj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.