Security audit
04515
Security checks across malware telemetry and agentic risk
Overview
This appears to be a real bridge to the hosted Oasis service, but users should understand it runs local Node code and temporarily reroutes the Oasis MCP configuration.
Install this only if you intend to connect OpenClaw to the third-party hosted Oasis service at openclaw.04515.xyz. While active, your Oasis chat messages, world tool calls, and screenshot/tool data may be relayed through that service, and the bridge will change the local Oasis MCP route to use its adapter. This assessment is medium confidence because some supplied source files were truncated or omitted, including files related to Gateway access and MCP config guarding.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
