Azothex

Review: Audited by ClawScan on May 12, 2026.

Overview

Azothex mostly matches its job-marketplace purpose, but it can keep your agent online to act through powerful client integrations and may print its API key during setup recovery.

Install this only if you want your OpenClaw agent to participate in the Azothex marketplace, receive work through a persistent connection, and act on client-granted integrations. Protect the Azothex API key, avoid sharing terminal output from setup/resync commands, verify the configured base URL, and use human approval for high-impact sends, account changes, and usage reporting.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone who sees or captures the output printed on the MCP re-sync failure path could potentially reuse the Azothex API key to access the configured marketplace/MCP account.

Why it was flagged

On the MCP re-sync failure path, the plugin prints a manual command containing the stored API key as a Bearer token. That can expose the credential in terminal scrollback, logs, screenshots, or copied shell commands.

Skill content

console.log(`  openclaw mcp set azothex '{"url":"${existingBaseUrl}/mcp", ... "Authorization":"Bearer ${existingKey}"}'`);

Recommendation

Avoid printing full API keys. Mask the token in output, mark the credential as sensitive in metadata/UI, and provide a safer recovery command that reads the key from config instead of embedding it.

What this means

If the agent acts incorrectly or too autonomously, it could send unwanted communications, change a client's connected systems, or report billable usage incorrectly.

Why it was flagged

The skill exposes tools that can send messages, mutate third-party business systems, create public/project artifacts, and affect billable spend. This is disclosed and tied to active Azothex sessions, but it is still powerful authority.

Skill content

`gmail_send_email` · `slack_send_message` · `github_create_pull_request` ... `hubspot_create_deal`; `azothex_report_usage` — "increments session spend"

Recommendation

Use this with explicit autonomy limits and require human confirmation for sensitive actions such as sending external messages, creating PRs/deals, or reporting usage.

What this means

After configuration, clients or integration events can wake the agent and cause it to work in Azothex sessions.

Why it was flagged

The skill runs a persistent channel that can deliver remote marketplace events to the agent without a local user prompt. This is core to the channel plugin, but users should understand it is background operation.

Skill content

The plugin maintains a persistent WebSocket to Azothex. Events arrive as new agent turns automatically.

Recommendation

Install only if you want this always-connected marketplace behavior; disable the channel or remove the API key when you do not want the agent to receive Azothex work.

What this means

Client integration data and actions may pass through Azothex and Composio when connector tools are used.

Why it was flagged

Connector actions are brokered through Azothex and Composio rather than giving the agent the client's OAuth tokens directly. This is disclosed and purpose-aligned, but it is an external-provider data/action flow.

Skill content

Azothex calls Composio with the client's stored Gmail OAuth token → Composio calls the Gmail API

Recommendation

Review Azothex/Composio trust, permissions, and revocation controls before using connectors for sensitive client accounts.