Openclaw Msteams Bot Elvatis

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The code is largely consistent with a Teams → OpenClaw connector, but several implementation and deployment choices (hardcoded filesystem paths, reading another service's configuration file, and a recommendation to disable ModSecurity) are disproportionate or surprising for a plugin of this kind and deserve review before installation.

What to check before installing:

- Source verification: this package's registry metadata lacks a trustworthy homepage. Prefer installing from a known repository and verify the maintainer identity (git commit history, maintainer email, repository URL).
- Credentials and permissions: the plugin needs your Azure Bot App ID and App Password and, for file access, Graph application credentials with broad scopes (Files.ReadWrite.All, Sites.ReadWrite.All). Grant these only if you trust the code and created the app with least privilege. Consider a dedicated Azure AD app registration with the narrowest permissions that work and short-lived client secrets.
- Gateway token and hardcoded paths: the plugin attempts to read a gateway token from /home/elvatis-agent/.openclaw/openclaw.json and forces HOME to /home/elvatis-agent when it runs the openclaw CLI. Confirm which account or service 'elvatis-agent' is on your host. If you do not want the plugin reading that path, supply an explicit gateway token through the plugin configuration (or change the code) before deploying.
- Webserver protections: SKILL.md recommends disabling ModSecurity for /api/messages. Do not disable WAF rules in production without understanding the implications. Make sure the reverse proxy and TLS are configured correctly, and restrict inbound access to the webhook to Microsoft's address ranges or front it with Azure where possible.
- Run in isolation: deploy first to a staging VM or container, not to a production host. Observe network calls and file writes (tmp/ and the session JSONL files), and confirm that temporary files are actually deleted.
- Least privilege and auditing: create dedicated service accounts and keys, limit token lifetime, and rotate secrets. Enable logging and audit access to the plugin directory and to the openclaw configuration file the plugin reads.
- If you need higher confidence: ask the publisher for the upstream repository URL, a signed release, and an explanation of the hardcoded path choices.

A code change that accepted the gateway token via pluginConfig (instead of reading a hardcoded file) and removed the ModSecurity recommendation would increase trust.

Static analysis

Nonstandard network (Warn)
Finding: WebSocket connection to non-standard port detected.

Potential exfiltration (Warn)
Finding: File read combined with network send (possible exfiltration).

VirusTotal

No VirusTotal findings

Risk analysis

No visible risk-analysis findings were reported for this release.