ClawHub
Code Pluginsource linked

Okki Gov1.0.7

B2B lead prospecting plugin for OpenClaw — search companies, find contacts, send outreach emails

openclaw-plugin-okki-go·runtime okki-go·by @okki-op
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:openclaw-plugin-okki-go
Latest release: v1.0.7Download zip

Capabilities

Tags
executes-code
configSchema
Yes
Executes code
Yes
HTTP routes
0
Runtime ID
okki-go

Compatibility

Built With Open Claw Version
2026.3.24-beta.2
Min Gateway Version
2026.3.24-beta.2
Plugin Api Range
>=2026.3.24-beta.2
Plugin Sdk Version
2026.3.24-beta.2
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (lead prospecting, email outreach) match included files: openclaw.plugin.json declares apiKey and baseUrl config, and dist/index.js implements search, profile lookup, balance check, registration and email verification. The requested capability (an API key stored in plugin config) is appropriate for the stated purpose.
Instruction Scope
The SKILL.md content shown appears to be package/manifest JSON rather than human runtime instructions, but the plugin's runtime behavior is implemented in dist/index.js. The runtime code only calls the configured baseUrl endpoints and returns messages; it does not read local files, environment variables, or other system credentials. The verify flow asks the user to save the obtained API key with an openclaw config command and explicitly says to ask permission before running that command.
Install Mechanism
No install spec is present in the registry metadata (the plugin is delivered as package files). The package contains a normal plugin manifest and built JS; there are no remote download URLs, installers, or extract steps. Dependencies are a small TypeBox library. This is an expected distribution for an OpenClaw plugin.
Credentials
No environment variables or unrelated credentials are requested. The plugin requires a single plugin config value (apiKey) and optional baseUrl — both are justified by the API calls in the code. The apiKey is marked sensitive in the manifest. There are no requests for other service keys or system secrets.
Persistence & Privilege
always is false and the plugin does not request system-wide changes. It suggests a manual openclaw config set command to persist the API key (and instructs to obtain user permission first). The plugin does not modify other plugins or system settings.
Assessment
This plugin appears to do exactly what it says: it talks to an Okki Go API and needs a plugin API key stored in OpenClaw's plugin config. Before installing, verify the Okki service and base URL (default https://go.dev.okki.ai) are ones you trust. Only store an API key dedicated to this plugin (do not reuse high‑privilege keys), and grant the plugin permission to save the key only after you confirm the verification response. Note: the package contains built JS and a plugin manifest (not just prose instructions) — if you want source-level review, request the original TypeScript source or an upstream homepage/repository to inspect. If you have privacy or compliance concerns about sending contact data to the external API, review Okki's documentation and policies before use.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/okki-op
Commit
-
Tag
-
Provenance
No
Scan status
clean

Tags

latest
1.0.7