Security audit
DomainAwareCompaction — 领域感知压缩
Security checks across malware telemetry and agentic risk
Overview
The plugin's code, commands, and runtime instructions coherently implement a domain-rule injection feature for prompt compaction; it requests no extra credentials or network access — but note that any SKILL.md content is prepended to system context (powerful, trust-sensitive behavior).
This plugin appears to do what it claims: it reads local SKILL.md files and prepends them to the system prompt to enforce domain compaction rules. That design is coherent, but be aware of the security implications: any SKILL.md you add (or any preinstalled SKILL.md you enable) becomes part of the system-level instructions for every LLM call. Only enable or add domain SKILL.md files you trust; avoid placing secrets or sensitive data in SKILL.md. If you operate in a multi-user environment, restrict who can write files into the plugin's skills/ directory and review SKILL.md contents before enabling domains. Also note a small doc mismatch: openclaw.plugin.json mentions before_compaction while the code uses before_prompt_build — not dangerous but worth checking if you expect different hook semantics.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
