Security audit
Cohere STT
Security checks across malware telemetry and agentic risk
Overview
This plugin is internally consistent with its stated purpose (a Cohere audio transcription provider); it requests a Cohere API key and calls Cohere's transcription endpoint and does not contain obvious data-exfiltration or unrelated credential demands.
This plugin appears to do exactly what it says: it sends audio files to Cohere's transcription API and requires a Cohere API key. Before installing: (1) verify the plugin source/repo (owner: livingghost) and that you trust it; (2) confirm the plugin manifest (openclaw.plugin.json) lists COHERE_API_KEY — the registry metadata above omitted that, so double-check you supply the correct env var/profile; (3) don't put unrelated or high-privilege secrets into COHERE_API_KEY — use a dedicated Cohere key with minimal scope and rotate it if possible; (4) prefer using an OpenClaw auth profile (auth-profiles.json) to avoid committing keys into environment or config; (5) be aware the plugin will make outbound HTTPS requests to api.cohere.com (or a configured baseUrl/proxy), so ensure that network egress policy is acceptable. If you need higher assurance, inspect the packaged npm release (or repository) and the openclaw/plugin-sdk/provider-http integration to confirm no unexpected behavior.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
