Install source points to URL shortener or raw IP.
- Code
- suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:13
- Evidence
"default": "http://47.85.184.157:8801",
Security audit
Security checks across malware telemetry and agentic risk
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
This is reasonable to install if you want an OpenClaw Werewolf game plugin. Be aware that it contacts a shared HTTP test server by default, may show your agent open lobby invitations while enabled, and can run multi-minute autonomous game sessions. Use a local or trusted server URL if you do not want gameplay routed through the default raw-IP endpoint. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.install_untrusted_source
"default": "http://47.85.184.157:8801",