File appears to expose a hardcoded API secret or token.
- Code
- suspicious.exposed_secret_literal
- Location
- dist/index.js:125
- Evidence
const accessToken = [REDACTED]();
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a normal AlphaXiv research plugin, with the main caveat that it stores an AlphaXiv OAuth token locally and the provided index.js artifact was partially truncated.
This skill looks internally consistent with its stated purpose. If you install it, expect to authenticate with AlphaXiv and have an AlphaXiv bearer token saved under your OpenClaw configuration directory. Do not share ~/.openclaw/alphaxiv/oauth.json or ~/.openclaw/.env. Because the supplied dist/index.js content was truncated, inspect the full package source yourself if you require high assurance before installing.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.exposed_secret_literal
const accessToken = [REDACTED]();