Baidu-Safe-Shield
Security checks across malware telemetry and agentic risk
Overview
The plugin is purpose-aligned as a safety filter, but its code appears to send analyzed prompt/tool data and authorization headers using plain HTTP, which needs review before use.
Only install after confirming the analyzer calls use HTTPS/TLS in your environment. If you proceed, use dedicated least-privilege Baidu credentials, keep debug logging off unless troubleshooting, and assume prompts, responses, and tool-call details are sent to the configured analysis service.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Prompts, model outputs, tool-call data, and request authorization could be exposed to network observers or sent without TLS protection.
The analysis payload is serialized and sent with an authorization header using Node's plain HTTP module. For a plugin that inspects LLM requests/responses and tool calls, this can expose sensitive content and signed authorization material in transit.
const payload = JSON.stringify(data); ... const http = await import("node:http"); ... "authorization": token, ... const req = http.request(options, (res) => {
Verify the transport before installing; the plugin should use HTTPS/TLS for the Baidu analysis API and reject insecure endpoints by default.
Installing users may need to provide cloud credentials that allow the plugin to call Baidu's detection service.
The plugin requires Baidu Cloud API credentials for its security analysis service. This is expected for the integration, but users should understand which account and permissions are being delegated.
"access_key": { ... "description": "access_key # 百度云检测服务API密钥AK" }, "secret_key": { ... "description": "secret_key # 百度云检测服务API密钥SK" }
Use least-privilege credentials dedicated to this service, rotate them if exposed, and avoid sharing broad cloud account keys.
Sensitive conversation or tool data could appear in logs if debug mode is turned on.
When debug logging is enabled, the code logs the full analysis payload, which may include user prompts, model outputs, or tool-call details.
logDebug("analyze", "api request", { "request_api": fullpath, "payload": payload, });
Keep debug mode disabled in normal use and treat any debug logs as sensitive data.
The plugin code runs inside the OpenClaw plugin environment and can inspect or modify model/tool traffic according to its safety checks.
The package registers executable plugin code. This is expected for a gateway safety plugin that must inspect requests and responses, but users should not treat it as documentation-only.
"openclaw": { "extensions": [ "./index.ts" ] }
Review the code and configuration as an active runtime extension, not just a set of instructions.
