Security audit
OpenClaw Airflow Plugin
Security checks across malware telemetry and agentic risk
Overview
The plugin's code, config schema, and runtime instructions are internally consistent with a read-only Airflow /api/v2 plugin that uses bearer tokens and only issues GET requests.
This plugin appears to do exactly what it claims: read-only access to Airflow /api/v2 using a bearer token. Before installing, ensure you supply the token and baseUrl only to systems you trust. Note the package contains source code (it's not purely an instruction-only stub), and the registry metadata's 'no install spec' contrasts with the package's npm install hints—this is likely benign but you may want to confirm the exact install flow (npm package vs local tarball) and inspect the token storage/visibility in your OpenClaw installation UI. If you need stronger network protections, keep allowPrivateHost and allowInsecureHttp disabled so localhost/private IP and http are blocked by default.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
