Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Nano Gpt Plugin
v0.1.3
Access dynamic NanoGPT models with API key authentication, usage tracking, and support for multiple model families in the OpenClaw platform.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description, docs, and code consistently implement a NanoGPT OpenClaw provider (dynamic catalog, auth via API key, usage/balance endpoints). However the registry metadata claims no required environment variables while the code and manifest clearly expect a NANOGPT_API_KEY / provider API key (provider auth config and functions call resolveProviderApiKey/resolveApiKeyFromConfigAndStore). This metadata mismatch should be resolved.
Instruction Scope
The SKILL.md is minimal and aligned with the plugin purpose. But the repository includes final_integration_test.sh which, if executed, will tar up the plugin, ssh to a hardcoded remote host placeholder (ssh_gateway), run openclaw install on that host and invoke an onboarding command that injects $NANOGPT_API_KEY on the remote side; it also scp's gateway logs and session files back to the plugin directory. Those test steps can expose API keys and session transcripts to the remote host and transfer files over network — this is outside the normal provider scope and not documented in SKILL.md. If you won't run these scripts or the platform won't run them automatically, risk is limited; if you do run them, ensure the remote host is trusted and keys are handled safely.
Install Mechanism
There is no install spec in the registry (so nothing will be automatically downloaded/executed by the platform), which is lower risk. But the package contains full source and dev/test scripts. The integration/test script performs tar/ssh/scp operations (remote execution) — it's a high-impact developer script that should not be run on untrusted hosts. No remote download-from-arbitrary-URL install step is present in the plugin itself.
Credentials
The plugin legitimately needs a single service credential (NANOGPT_API_KEY) to access the NanoGPT APIs; that is proportionate. However the registry metadata omits required env vars while multiple files and the plugin entry reference the API key. Additionally, the integration script demonstrates transmitting that key to a remote host during onboarding, which could leak the credential if run against an untrusted machine.
Persistence & Privilege
The plugin does not request 'always: true' or other elevated persistent platform privileges. It is a normal provider plugin. The integration script does remove/replace the installed extension directory and clears session files on the remote host as part of its tests — those are installer/tester actions but not a platform-level always-on privilege.
What to consider before installing
This package appears to be a real OpenClaw provider for NanoGPT, but there are a few issues to check before installing:
- Confirm API-key handling: the plugin expects a NANOGPT_API_KEY (see provider config and code) but the registry metadata claims no required env vars — ask the publisher to correct the metadata so you know what credentials are required.
- Do NOT run final_integration_test.sh or any included test scripts against an untrusted or public remote host. The script copies the plugin to a remote 'ssh_gateway', runs onboarding with "$NANOGPT_API_KEY" on the remote side, and scp's logs and session files back — this will expose your API key and any session transcripts to that host.
- If you want to use the plugin, prefer installing it via your trusted OpenClaw workflows (openclaw plugins install from a vetted package) and only provide the NanoGPT API key to OpenClaw via its documented onboarding mechanism. Verify openclaw.plugin.json/providerAuthChoices are set up as you expect.
- Ask the publisher for a homepage/repository URL and a signed/verified package publication source. The registry shows an owner id but no homepage — lack of provenance reduces trust.
- If you need higher assurance, request the publisher to remove or sanitize integration scripts (or document them clearly), or run a code review in a sandboxed environment first.
If you can confirm the metadata and that you will not run the remote test script (or that the remote host is fully controlled/trusted), the plugin's code and behavior look coherent with its stated purpose. Otherwise treat the integration/test artifacts as a potential leak path for your API key and session data.
Like a lobster shell, security has layers — review code before you run it.
