Beorx Cortex
Security checks across malware telemetry and agentic risk
Overview
This is a coherent paid crypto-intelligence plugin, but it needs review because it can use an EVM private key to automatically settle paid requests and can upload selected local screenshots.
Install only if you are comfortable using a dedicated low-balance Base USDC wallet for pay-per-request x402 payments. Do not use your main wallet private key, verify the configured Beorx/x402 URLs, prefer per-call approval or spend limits, and only upload screenshots that you are willing to share with the service.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a general wallet key is present in the OpenClaw environment, the plugin could use that key for paid Beorx requests.
The plugin may use a sensitive EVM payment private key from several environment variables, including the generic EVM_PRIVATE_KEY, not only a dedicated Beorx-scoped credential.
payerPrivateKey: normalizePrivateKey(config.payerPrivateKey ?? env.BEORX_PAYER_PRIVATE_KEY ?? env.BEORX_X402_PRIVATE_KEY ?? env.EVM_PRIVATE_KEY ?? env.OPENCLAW_TEST_PAYER_PRIVATE_KEY)
Use a dedicated, low-balance Base USDC wallet for this plugin, avoid exposing general-purpose wallet keys, and declare the required credential/env vars clearly.
A misconfigured endpoint, unexpected payment challenge, or repeated agent tool calls could spend from the configured wallet beyond what the user intended.
When the endpoint returns a 402 payment challenge, the code creates a payment payload and retries with a payment signature. The artifacts do not show local checks for maximum amount, expected payee, expected network, or explicit per-request user approval.
const paymentRequired = paymentClient.getPaymentRequiredResponse(...);
const paymentPayload = await paymentClient.createPaymentPayload(paymentRequired);
const paidHeaders = { ...requestHeaders, ...paymentClient.encodePaymentSignatureHeader(paymentPayload) };
Add or require a local spend cap, accepted network/payee validation, request-count limits, and user approval for paid calls, especially for autonomous agent use.
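The guard that the recommendation above asks for, as an added example and not the plugin's own code: a local policy that checks a 402 challenge against a spend cap, an expected network and payee, a request-count limit and an approval hook before any payment payload would be created. The challenge field names, the policy values and the payee address are assumptions and placeholders, not the x402 library's schema.

```javascript
// Added example (not the plugin's code): a local spend policy that gates a
// 402 payment challenge before any payment payload is signed. The field
// names on the challenge (network, payTo, amount) and the policy values
// below are assumptions for illustration, not the x402 library's schema.

const BASE_USDC_POLICY = {
  network: "eip155:8453",   // assumed CAIP-2 id for Base mainnet
  payTo: "0x000000000000000000000000000000000000beef", // placeholder payee
  maxPerRequest: 50000n,    // 0.05 USDC in 6-decimal base units
  maxTotal: 1000000n,       // 1 USDC session budget
  maxRequests: 20,
};

class SpendGuard {
  // `approve` is the per-call approval hook; the default denies, so an
  // agent running unattended cannot pay unless the operator wires one in.
  constructor(policy, approve = () => false) {
    this.policy = policy;
    this.approve = approve;
    this.spent = 0n;
    this.requests = 0;
  }

  // Returns { ok: true } or { ok: false, reason }. It never throws, so the
  // caller can log the reason and abort the paid retry instead of crashing.
  check(challenge) {
    const { network, payTo, amount } = challenge;
    let value;
    try { value = BigInt(amount); } catch { return { ok: false, reason: "amount is not an integer" }; }
    if (value <= 0n) return { ok: false, reason: "non-positive amount" };
    if (network !== this.policy.network) return { ok: false, reason: "unexpected network " + network };
    if (String(payTo).toLowerCase() !== this.policy.payTo.toLowerCase())
      return { ok: false, reason: "unexpected payee " + payTo };
    if (value > this.policy.maxPerRequest) return { ok: false, reason: "exceeds per-request cap" };
    if (this.spent + value > this.policy.maxTotal) return { ok: false, reason: "exceeds session budget" };
    if (this.requests >= this.policy.maxRequests) return { ok: false, reason: "exceeds request-count limit" };
    if (!this.approve(challenge)) return { ok: false, reason: "not approved by user" };
    return { ok: true };
  }

  // Call only after the signed payment was actually sent.
  record(amount) { this.spent += BigInt(amount); this.requests += 1; }
}

// Constructed sample challenge shaped like the policy; overrides simulate
// a misconfigured endpoint or an unexpected payee.
function sampleChallenge(amount, overrides = {}) {
  return { network: BASE_USDC_POLICY.network, payTo: BASE_USDC_POLICY.payTo, amount, ...overrides };
}
```

Wire `check` in front of `createPaymentPayload` and call `record` only after the paid retry succeeds, so a rejected challenge never touches the wallet.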
Screenshots may reveal balances, account names, positions, or other private trading information to the provider endpoint.
The vision tool reads the user-provided local screenshot path and sends the image bytes to the configured vision endpoint as base64, which is purpose-aligned but sensitive.
const imageBytes = fs.readFileSync(resolvedPath); ... data_base64: imageBytes.toString("base64"), filename: path.basename(resolvedPath)
Only provide screenshots you intend to share, redact sensitive account details where possible, and verify the configured vision URL before use.
