Install source points to URL shortener or raw IP.
Warn
- Code
- suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:37
- Evidence
"default": "http://127.0.0.1:18789",
Security audit
Security checks across malware telemetry and agentic risk
The plugin mostly matches its monday.com integration purpose, but it can automatically change monday.com account state on startup and its public webhook has replay-risk gaps.
Install only if you want monday.com messages to invoke an OpenClaw agent and allow that agent to post back to monday.com. Review the monday.com token scope, avoid setting callbackUrl unless you intend automatic registration/account mutation, keep gatewayUrl and mondayApiUrl trusted, and expose /hooks/monday only behind the intended HMAC-protected public endpoint.
57/57 vendors flagged this plugin as clean.
Detected: suspicious.install_untrusted_source
"default": "http://127.0.0.1:18789",