[deprecated][Chrome channel for Openclaw]
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The artifacts look like a legitimate Sider Chrome-side-panel channel, but the channel stores relay tokens and relays activity through Sider, so users should install it only if they trust that service.
This appears to be a purpose-aligned Sider channel rather than malware. Before installing, make sure you actually want Sider/Chrome side-panel access, trust the configured Sider endpoint, and are comfortable with relay tokens and session activity being handled by that channel. The provided source in this review was partly truncated/omitted, so a full source review would improve assurance.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Sider relay token can allow the paired Sider/Chrome channel to communicate with your OpenClaw until the token or channel configuration is removed.
The plugin exchanges a setup token for a persistent relay token and writes that token to the OpenClaw config. This is consistent with the documented pairing flow, but it grants ongoing channel access.
accountCfg.token = params.credentials.token; delete accountCfg.setupToken; ... await runtime.config.writeConfigFile(latestCfg);
Use pairing only with a Sider account and endpoint you trust, protect the OpenClaw config file, and remove or disable the channel when you no longer need it.
Conversation content, tool inputs/results, errors, and model usage for Sider-managed sessions may be visible through the Sider channel.
The plugin observes tool-call details and agent messages so they can be reflected through the Sider channel. This is useful for a side-panel channel, but the data can include sensitive task content.
api.on("after_tool_call", async (event, ctx) => {
await emitSiderToolHookEvent({ ... params: event.params, result: event.result, error: event.error ... });
});
api.on("before_message_write", (event, ctx) => {
recordSiderPersistedAgentMessage({ ... message: event.message });
});
Avoid using the channel for highly sensitive sessions unless you trust Sider and understand what session activity is relayed.
A paired browser side panel can send messages into OpenClaw through the Sider channel.
The intended function is to let a browser side panel direct OpenClaw through this channel. That remote-control capability is expected for the plugin, but users should understand the trust boundary.
Please use this plugin to use your OpenClaw from Chrome Sidepanel.
Only pair with your own trusted browser extension/account, and disable the channel if you do not want browser-originated requests reaching OpenClaw.
Running the recommended installer requires trusting the referenced npm package and publisher.
The README recommends a user-directed npx installer for the moved/replacement package. This is common setup guidance, but it executes code fetched from the npm package source at install time.
npx -y @sider-ai/chrome-openclaw-sider-cli install
Run the installer only from a trusted environment and verify the package name/source before executing npx commands.
