Pluginv1.0.0

Static analysis security

Claw Switchboard · Deterministic local checks for risky code patterns and metadata mismatches.

SuspiciousApr 19, 2026, 10:15 AM

Summary: Detected: suspicious.env_credential_access, suspicious.potential_exfiltration
Reason codes: suspicious.env_credential_accesssuspicious.potential_exfiltration
Engine: v2.4.0

criticalsrc/service.js:111

Environment variable access combined with network send.

const rawCandidates = [process.env.OPENCLAW_PACKAGE_ROOT, process.argv[1]].filter(Boolean);

warnsrc/service.js:52

File read combined with network send (possible exfiltration).

const content = await fs.readFile(filePath, "utf8");