UI Whatsynaptor

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a real UI branding plugin, but it deserves review because its installer may loosen Control UI file permissions with sudo and its injected script changes UI settings beyond simple branding.

Use this only if you are comfortable with a global Control UI branding patch. Before installing, inspect the shell script, avoid approving chmod a+rw, back up dist/control-ui/index.html, test in a non-production profile, and verify that disabling the plugin removes its injected assets.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Medium
What this means

If approved, other local users or processes could potentially modify the Control UI HTML and inject their own frontend code.

Why it was flagged

Using sudo to make the UI file writable by all users is broader than needed and changes the local permission boundary for a global Control UI file.

Skill content

If the installed Control UI `index.html` is read-only, the installer prompts before running `sudo chmod a+rw ...`.

Recommendation

Do not use chmod a+rw on the Control UI file; prefer least-privilege ownership or user-only write permission, confirm the exact path, and restore safe permissions after installation.

ASI05: Unexpected Code Execution
Low
What this means

The installer can change local OpenClaw UI files and may request elevated permissions.

Why it was flagged

The skill asks the user to execute a bundled shell installer. This is purpose-aligned for a UI patcher, but it is still local code execution outside a declarative install spec.

Skill content

./scripts/install-ui-whatsynaptor.sh

Recommendation

Read the installer before running it, run it as the least-privileged user possible, and avoid approving sudo changes unless you understand the exact file being changed.

ASI02: Tool Misuse and Exploitation
Low
What this means

A faulty or unwanted branding change could affect the Control UI for users until the plugin is disabled and cleanup succeeds.

Why it was flagged

The plugin automatically applies the branding injection when its service starts. This matches the stated purpose, but it means enabling the plugin mutates the Control UI without a separate per-run confirmation.

Skill content

start: async (ctx) => { await applyBrandingInjection({ ... }); }

Recommendation

Back up the Control UI index.html, test in a non-production OpenClaw profile first, and verify disabling the plugin removes its injected block.

ASI09: Human-Agent Trust Exploitation
Low
What this means

Your Control UI theme preference may be overwritten and kept in the plugin's preferred dark theme while the overlay is active.

Why it was flagged

The injected frontend script rewrites OpenClaw Control UI theme settings in localStorage, which is not clearly called out in the branding-change list.

Skill content

parsed.themeMode = "dark"; ... parsed.theme = "claw"; ... window.localStorage.setItem(key, JSON.stringify(parsed));

Recommendation

Install only if forced theme branding is acceptable; the publisher should disclose this behavior and ideally make it configurable.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Opening the Control UI may contact Google Fonts, which can affect privacy, offline use, or environments that block external resources.

Why it was flagged

The Control UI will load fonts from an external Google Fonts URL. This is common for branding, but it adds a runtime third-party dependency.

Skill content

@import "https://fonts.googleapis.com/css2?family=Manrope...

Recommendation

Self-host fonts or remove the import if you need a fully local/private Control UI.