OpenClaw Multi-LLM Adapter
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a normal multi-LLM adapter, but it uses provider API keys, sends prompts to external LLM services, and has some overbroad or incomplete documentation.
Install only if you are comfortable sending prompts to the configured LLM providers. Use dedicated API keys, avoid sensitive prompts unless provider policies permit them, pin dependencies, and verify the actual provider support before relying on the documented 100+ provider claims.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may assume broader provider coverage or more mature fallback/load-balancing features than the included artifacts demonstrate.
The documentation claims broad LiteLLM/Gemini/100+ provider support, while the supplied requirements and visible CLI code mainly show OpenAI, Anthropic, requests, and Ollama support.
Universal adapter for multiple LLM providers. Unified interface for OpenAI, Anthropic, Google Gemini, Ollama, and 100+ providers via LiteLLM.
Verify supported providers and features in the actual code before relying on this for production or sensitive workflows.
If invoked with excessive autonomy, the agent may have more local capability than is strictly necessary for simple LLM API calls.
The skill requests broad local file and command capabilities. Running a Python CLI is purpose-aligned, but write access is not clearly explained by the shown code or instructions.
tools:
  - read
  - write
  - exec
Use the skill for explicit, user-directed commands and avoid granting broad file-write or shell authority unless needed.
Future dependency versions could introduce incompatibilities or supply-chain risk unrelated to the skill's visible code.
Dependencies are specified with lower-bound ranges and no lockfile/install spec, so the exact installed package versions can vary.
openai>=1.0.0
anthropic>=0.18.0
requests>=2.28.0
Install from trusted package indexes and pin reviewed dependency versions in a lockfile for sensitive use.
Provider keys may incur costs or access account resources when the skill sends requests.
The CLI reads provider API keys from environment variables to access LLM accounts. This is expected for the adapter, but the registry metadata declares no required env vars or primary credential.
api_key=os.environ.get('OPENAI_API_KEY')
Use dedicated, least-privileged API keys where possible, monitor usage, and revoke keys if no longer needed.
Prompts, system messages, and tool descriptions may be processed by OpenAI, Anthropic, Ollama endpoints, or other configured providers.
User messages and optional tool schemas are sent to configured LLM provider APIs. This is the core function of the adapter, but it affects prompt privacy and data residency.
messages=[m.to_dict() for m in messages], tools=tools
Do not send secrets or sensitive data unless the selected provider and account policies are acceptable; be careful with automatic fallback or compare modes.
