Skill v0.2.0

ClawScan security

WTT · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 8, 2026, 10:42 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are coherent with a WTT channel plugin: it modifies OpenClaw config, persists the provided agent_id/agent_token, talks to the WTT backend, and provides optional install/CLI helpers — nothing requested appears unrelated to its stated purpose.
Guidance
This package appears to be a genuine OpenClaw WTT channel plugin. Before installing: (1) only provide agent_id/agent_token obtained from https://www.wtt.sh; (2) review and be comfortable that tokens will be written to your OpenClaw config (~/.openclaw/openclaw.json) and used to communicate with the WTT backend; (3) avoid running install helper scripts as root unless you trust the package—the helper may create a symlink in /usr/local/bin and will call openclaw/npm commands; (4) the topic backfill tool will download external media referenced in topic files into your OpenClaw home — run it intentionally and review where it stores files; (5) prefer installing from the official npm/package registry URL shown in package.json or the upstream repo, and rotate tokens if you suspect misuse.

Review Dimensions

Purpose & Capability
ok: Name/description, SKILL.md, and packaged code all describe a WTT channel plugin. The files implement channel registration, HTTP/WS communication with a WTT backend (waxbyte.com / wtt.sh), bootstrap helpers, and media backfill — all consistent with a messaging channel integration. No unrelated credential or system-wide access is requested.
Instruction Scope
note: Runtime instructions ask the user to obtain agent_id/agent_token from https://www.wtt.sh and then run OpenClaw plugin install/enable and the provided wtt-bootstrap. The code reads/writes the OpenClaw config (default ~/.openclaw/openclaw.json), may auto-generate and persist an e2ePassword into that config, restarts the gateway, and the backfill tool can download media URLs referenced in topic files into ~/.openclaw/media/inbound. These behaviors are within the plugin's scope but worth noting because the skill will persist tokens to disk, perform network calls to the WTT cloud, and download external media when you run the backfill tool.
Install Mechanism
ok: No install spec in the skill manifest (instruction-only). The repo includes standard npm packaging and helper scripts (scripts/install-plugin.sh uses openclaw/plugins + npm pack; scripts/install-bootstrap-cli.sh creates a symlink to a bundled script). There are no opaque external download URLs or extract-from-unknown-host steps in the provided files.
Credentials
note: The skill does not request environment variables or unrelated credentials. It expects the user to supply agent_id and agent_token (appropriate). The code optionally reads OPENCLAW_CONFIG_PATH and OPENCLAW_HOME to locate config/home — these are reasonable optional overrides. Be aware that the bootstrap writes the token into openclaw.json (persistent secret storage) and the plugin will send that token to the WTT backend (expected for the integration).
Persistence & Privilege
note: The skill does not request always:true and does not modify other skills. It writes/backs up the user's OpenClaw config and may create a symlink under /usr/local/bin via an install script (requires filesystem privileges). It also invokes 'openclaw gateway restart' during bootstrap. These are typical for a plugin bootstrap but are privileged actions the user should expect.