ClawHub
Code Pluginsource linked

Nebius Token Factoryv1.3.1

Nebius Token Factory provider plugin for OpenClaw — 44+ open-source models via a single endpoint

tokenfactory·runtime tokenfactory·by @colygon
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:tokenfactory
Latest release: v1.3.1Download zip

Capabilities

Tags
executes-codeprovider:tokenfactoryprovider:nebius
configSchema
Yes
Executes code
Yes
HTTP routes
0
Providers
tokenfactory, nebius
Runtime ID
tokenfactory

Compatibility

Built With Open Claw Version
2026.4.5
Min Gateway Version
2026.3.24-beta.2
Plugin Api Range
>=2026.3.24-beta.2
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description, SKILL.md, SETUP.md, package.json and the included code all claim to expose Nebius Token Factory models and require a single NEBIUS_API_KEY — that is proportionate. However there is a persistent naming/namespace mismatch: user-facing docs and examples use the 'nebius/' model prefix and refer to an extension directory named 'nebius', while the plugin's internal provider ID and model prefix in the manifest/code are 'tokenfactory' (PROVIDER_ID = "tokenfactory" and modelPrefixes: ["tokenfactory/"]). This inconsistency will likely cause resolution failures or user confusion ("Unknown model") and indicates the bundle wasn't coherently packaged.
Instruction Scope
Runtime instructions focus on installing the plugin, supplying NEBIUS_API_KEY, adding the plugin to the allowlist, and restarting the gateway — all within the expected scope. They explicitly instruct writing the API key into launchctl and into ~/.openclaw/agents/main/agent/auth-profiles.json; that is expected for making the gateway/agent authenticate, but it does expose the API key in a plaintext file and makes macOS-specific assumptions (LaunchAgent). The docs also instruct merging JSON and editing config files manually — this is operationally risky but functionally consistent with the plugin's purpose.
Install Mechanism
No exotic install mechanism in the skill descriptor. It's an instruction-only skill and directs users to install via the OpenClaw plugin command from Clawhub (clawhub:@colygon/openclaw-nebius). The package.json and repo point at a GitHub URL; included compiled JS is present. No downloads from obscure hosts or URL shorteners are used in the bundle itself.
Credentials
Only NEBIUS_API_KEY is requested (declared in SKILL.md and openclaw.plugin.json). That single API key is appropriate and expected for a provider plugin. The instructions do require placing the key in both the gateway's environment and an agent auth-profiles.json file; while necessary for operation, this increases the places the secret is stored and could broaden exposure if users aren't careful.
Persistence & Privilege
The skill does not request always:true or any elevated platform privileges. It requires editing the agent/gateway configuration and adding itself to plugins.allow — these are normal steps for an OpenClaw provider plugin. There is no attempt to modify other skills' configs beyond adding its own auth/profile and adding its provider to the allowlist; the SKILL.md warns not to overwrite existing entries.
Scan Findings in Context
[pre-scan-injection-none] expected: No pre-scan injection or suspicious regex findings detected. The bundle contains compiled JS and mapping files; network interaction is expected (BASE_URL=https://api.tokenfactory.nebius.com/v1).
What to consider before installing
What to watch for before installing: - Naming mismatch: The docs and SETUP.md show model IDs and examples using the 'nebius/' prefix, but the plugin's internal provider ID and manifest model prefix are 'tokenfactory'. This is likely to cause 'Unknown model' or 'plugin not found' errors. Before trusting this plugin, confirm which provider/model prefix is actually registered after installation (try: openclaw models list --provider tokenfactory and openclaw models list --provider nebius). Ask the author or check the GitHub source to confirm the intended prefix. - Secret handling: The plugin requires you to put NEBIUS_API_KEY into macOS launchctl and into a plaintext JSON auth file (~/.openclaw/agents/main/agent/auth-profiles.json). That is necessary for the gateway to authenticate, but it increases the number of locations where your key is stored. If you must use this plugin, ensure the filesystem permissions for that file are strict and rotate the key if it may have been exposed. - Platform assumptions: The setup docs are macOS-specific (launchctl, LaunchAgent). If you run OpenClaw on Linux or Windows, the instructions will not apply; seek platform-appropriate guidance in the repo or from the author. - Verification steps: After installing, verify the plugin communicates only with the stated host (api.tokenfactory.nebius.com) and that the models listed match your expectations. Run openclaw plugins inspect nebius (or tokenfactory) and openclaw models list and confirm 'Status: loaded'. Check the GitHub repo (package.json repository URL) for the source and open issues/PRs that might explain the naming mismatch. Why this is 'suspicious' not 'malicious': The package and instructions appear to implement the advertised functionality and request only the Nebius API key. The primary red flag is the inconsistent naming/namespace between 'nebius' and 'tokenfactory' across docs, manifest, and code — this is evidence of sloppy packaging and can lead to misconfiguration or inadvertent credential exposure, but it does not in itself prove intentional misdirection or exfiltration. If the author clarifies the naming or you confirm that the provider registers under the advertised model prefix, the assessment would likely move to 'benign'.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/colygon/openclaw-nebius
Commit
a24f094
Tag
main
Provenance
No
Scan status
pending

Tags

latest
1.3.1