Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nimo AI Glasses

Connect AI smart glasses to OpenClaw via Companion App. Provides secure linkCode pairing, chat API, and SSE streaming for voice-controlled AI conversations t...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 15 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description align with the included code: index.ts implements link-code pairing, session tokens, /nimo/* routes and internal calls to http://localhost:{port}/v1/chat/completions. The deploy.sh and README also request model API keys (optional) to configure the gateway — this is reasonable for routing requests to a model, but the metadata claims no required env vars while the scripts read/set OPENAI/GEMINI keys and gateway token, which is inconsistent and worth noting.
Instruction Scope
SKILL.md / README describe a local-only flow and sensible endpoints. However, deploy.sh performs system-wide actions: it may clear ~/.openclaw, sets gateway.bind to 'lan', enables HTTP endpoints, installs/updates openclaw globally, copies plugin files into ~/.openclaw/extensions, and sets a default GATEWAY_TOKEN. Binding the gateway to the LAN and installing a weak default token (nimo-demo-2026) increases the risk of unintended network exposure. The SKILL.md also exposes and encourages setting a systemPrompt, which can override assistant behavior; the pre-scan flagged a 'system-prompt-override' pattern for this field, and it could be abused if untrusted parties can write the config.
Install Mechanism
There is no formal install spec in registry metadata (instruction-only), but a deploy.sh is included. The script uses npm install -g openclaw (a known registry) and copies local files into the user's OpenClaw extensions directory. There are no downloads from unknown hosts or archive extraction, which reduces risk compared to arbitrary remote fetches, but executing the script will modify user configuration and install global packages.
Credentials
The plugin itself declares no required env vars, and the runtime code mostly uses local endpoints. However, deploy.sh expects or sets OPENAI_API_KEY or GEMINI_API_KEY and writes them into the OpenClaw config, and it sets a default GATEWAY_TOKEN value. Requesting model API keys is proportionate for routing to models, but the weak default gateway token and its automated insertion into the gateway config are disproportionate and risky. The plugin also reads process.env.OPENCLAW_AGENT_ID and OPENCLAW_GATEWAY_PORT, neither of which is declared in the metadata.
Persistence & Privilege
The plugin does not request 'always: true' and is user-invocable. But deploy.sh and README direct changes to global OpenClaw configuration (plugins.allow, plugins.entries.*, gateway.bind, gateway.auth.token, env.*). That modifies system-wide gateway settings and can expose the gateway to the LAN/internet if misconfigured. This level of configuration change is within a plugin installer’s remit but should be treated as privileged and not done without user review.
Scan Findings in Context
[system-prompt-override] expected: The plugin intentionally exposes a 'systemPrompt' configuration to control the assistant's behavior; that explains why a pattern matching system-prompt override was found. However exposing and encouraging systemPrompt changes is a high-impact capability (it can change assistant behavior broadly), so treat it as a potential attack surface rather than a harmless config field.
What to consider before installing
This package implements what it claims (local pairing, chat endpoint, SSE) and the code is readable, but exercise caution before running the included deploy.sh or enabling it unmodified. Recommended steps:

  • Don't run deploy.sh as-is. Inspect it and run its commands manually so you understand each change.
  • Do NOT accept the default GATEWAY_TOKEN; set a strong token or rely on your gateway's existing auth. The script's default (nimo-demo-2026) is weak and could expose your gateway.
  • Avoid binding the gateway to 'lan' or opening it to external networks unless you intend that; keep it localhost-only if possible, or firewall access to trusted IPs.
  • Review and, if necessary, remove or limit the code paths that accept link codes or tokens if you plan to expose the gateway beyond your LAN.
  • Be aware that the plugin can set a systemPrompt that changes assistant behavior; do not allow untrusted parties to control that prompt (it can be used to manipulate responses).
  • If you want this plugin, prefer copying only index.ts into your trusted plugin directory and enabling it manually, rather than running the script, which modifies global settings.
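The gateway settings the report calls out can be checked mechanically before the gateway is restarted. What follows is an added example, not the scanner's or the project's code: it audits a config object for the keys the report names (gateway.bind, gateway.auth.token, plugins.entries.*), whose exact shape is assumed from those names, and generates a replacement for the scripted default token. The "localhost" bind value and the 22-character token floor are assumptions, and the constructed configs are not taken from the skill's files.

```typescript
// Added example (not the project's or the scanner's code): audit the OpenClaw
// gateway settings that the scan report says deploy.sh rewrites. The config
// object shape is assumed from the key names quoted in the report
// (gateway.bind, gateway.auth.token, plugins.entries.*).
import { randomBytes } from "node:crypto";

interface GatewayConfig {
  gateway?: { bind?: string; auth?: { token?: string } };
  plugins?: {
    entries?: Record<string, { enabled?: boolean; config?: Record<string, unknown> }>;
  };
}

// Default token written by deploy.sh according to the scan report.
const KNOWN_DEFAULT_TOKENS = new Set(["nimo-demo-2026"]);
// Assumed policy: at least 128 bits of entropy, i.e. 22+ base64url characters.
const MIN_TOKEN_CHARS = 22;

// Returns one finding string per risky setting; an empty array means clean.
function auditGatewayConfig(cfg: GatewayConfig): string[] {
  const findings: string[] = [];

  if (cfg.gateway?.bind === "lan") {
    findings.push("gateway.bind=lan: gateway reachable from the network, not just this host");
  }

  const token = cfg.gateway?.auth?.token;
  if (!token) {
    findings.push("gateway.auth.token missing: gateway has no shared-secret auth");
  } else if (KNOWN_DEFAULT_TOKENS.has(token)) {
    findings.push(`gateway.auth.token is the published default "${token}"`);
  } else if (token.length < MIN_TOKEN_CHARS) {
    findings.push(`gateway.auth.token looks low-entropy (shorter than ${MIN_TOKEN_CHARS} characters)`);
  }

  // Informational: a configured systemPrompt rewrites assistant behaviour, so
  // whoever can write this config controls the assistant.
  const nimo = cfg.plugins?.entries?.["nimo-glasses"];
  if (nimo?.enabled && typeof nimo.config?.systemPrompt === "string") {
    findings.push("nimo-glasses systemPrompt is set: restrict config writes to the operator");
  }
  return findings;
}

// Replacement for the scripted default: 256 bits from the OS CSPRNG.
function generateGatewayToken(): string {
  return randomBytes(32).toString("base64url");
}

// Constructed example of what the report says deploy.sh leaves behind.
const asDeployed: GatewayConfig = {
  gateway: { bind: "lan", auth: { token: "nimo-demo-2026" } },
  plugins: {
    entries: {
      "nimo-glasses": {
        enabled: true,
        config: { systemPrompt: "You are an AI assistant in smart glasses." },
      },
    },
  },
};

// Same plugin with the two risky settings corrected. "localhost" is an assumed
// value for gateway.bind; use whatever your gateway documents for loopback-only.
const hardened: GatewayConfig = {
  ...asDeployed,
  gateway: { bind: "localhost", auth: { token: generateGatewayToken() } },
};

function main(): void {
  console.log("as deployed:", auditGatewayConfig(asDeployed));
  console.log("hardened:", auditGatewayConfig(hardened));
}
main();
```

Run it against a parsed copy of your actual config object rather than the constructed one; the remaining informational finding on the hardened config is deliberate, since the systemPrompt field stays a sensitive setting even after the token and bind are fixed.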
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
index.ts:117: Environment variable access combined with network send.
src/index.ts:117: Environment variable access combined with network send.
SKILL.md:34: Prompt-injection style instruction pattern detected.

Like a lobster shell, security has layers — review code before you run it.

Current version: v0.1.0
latest: vk977shgv3wy61yyngzynkqbvy983z1pf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

SKILL.md

Nimo AI Glasses Plugin

Connect AI smart glasses to your OpenClaw Gateway for private, on-device AI voice conversations.

What it does

  • 🔗 Secure pairing — 6-digit one-time link code, auto-rotates after each pairing
  • 💬 Chat API: POST /nimo/chat for text → AI reply
  • 📡 SSE streaming — real-time token-by-token AI responses via GET /nimo/events
  • 🔐 Session tokens — bearer-token auth with configurable expiry (default 60 days)
  • ⚙️ Configurable — custom system prompt, max response length

Installation

openclaw plugins install nimo-glasses

Then enable in your config:

{
  plugins: {
    entries: {
      "nimo-glasses": {
        enabled: true,
        config: {
          maxResponseLength: 300,
          systemPrompt: "You are an AI assistant in smart glasses. Be concise, no line breaks."
        }
      }
    }
  }
}

Restart the gateway:

openclaw gateway restart

Usage

  1. GET /nimo/health — get the current link code
  2. POST /nimo/pair — exchange link code for a session token
  3. POST /nimo/chat — send a message, get AI reply
  4. GET /nimo/events — SSE stream for real-time responses
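The pairing and session mechanism these four endpoints describe (a 6-digit one-time code that rotates after each pairing, exchanged for a bearer token with a 60-day default expiry) can be written compactly. The following is an added example, not the plugin's index.ts: the PairingStore class, its rotate-after-five-failures rule, the injectable clock and the token format are all assumptions, and no HTTP routing is included.

```typescript
// Added example: a minimal re-implementation of the pairing flow SKILL.md
// describes (6-digit one-time link code, rotated after each successful pairing,
// exchanged for a bearer session token with a 60-day default expiry).
// This is NOT the plugin's index.ts; class name, lockout policy, storage and
// error handling are assumptions.
import { randomInt, randomBytes, timingSafeEqual } from "node:crypto";

const DEFAULT_TTL_MS = 60 * 24 * 60 * 60 * 1000; // 60 days, the README's default expiry

interface Session {
  expiresAt: number;
}

class PairingStore {
  private linkCode: string;
  private readonly sessions = new Map<string, Session>();
  private failedAttempts = 0;

  // The clock is injectable so expiry can be tested without waiting 60 days.
  constructor(
    private readonly ttlMs = DEFAULT_TTL_MS,
    private readonly now: () => number = Date.now,
  ) {
    this.linkCode = PairingStore.newLinkCode();
  }

  // Six decimal digits, zero-padded, from a CSPRNG (not Math.random()).
  static newLinkCode(): string {
    return randomInt(0, 1_000_000).toString().padStart(6, "0");
  }

  // What GET /nimo/health would hand to the companion app.
  currentLinkCode(): string {
    return this.linkCode;
  }

  // POST /nimo/pair: exchange the code for a session token. On success the
  // code is rotated so it cannot be replayed by a second client.
  pair(code: string): string | null {
    const a = Buffer.from(code, "utf8");
    const b = Buffer.from(this.linkCode, "utf8");
    const ok = a.length === b.length && timingSafeEqual(a, b);
    if (!ok) {
      // A 6-digit code has only 10^6 values: rotate after a few bad guesses so
      // an unauthenticated LAN peer cannot brute-force it (assumed policy).
      if (++this.failedAttempts >= 5) this.rotate();
      return null;
    }
    this.rotate();
    const token = randomBytes(32).toString("base64url"); // 256-bit bearer token
    this.sessions.set(token, { expiresAt: this.now() + this.ttlMs });
    return token;
  }

  // Bearer-token check for POST /nimo/chat and GET /nimo/events.
  authorize(authorizationHeader: string | undefined): boolean {
    const m = /^Bearer\s+(\S+)$/.exec(authorizationHeader ?? "");
    if (!m) return false;
    const session = this.sessions.get(m[1]);
    if (!session) return false;
    if (session.expiresAt <= this.now()) {
      this.sessions.delete(m[1]); // expired: drop it so the map does not grow forever
      return false;
    }
    return true;
  }

  private rotate(): void {
    this.linkCode = PairingStore.newLinkCode();
    this.failedAttempts = 0;
  }
}

// Stand-alone walkthrough of the four-step flow.
function demo(): boolean {
  const store = new PairingStore();
  const code = store.currentLinkCode(); // step 1: GET /nimo/health
  const token = store.pair(code);       // step 2: POST /nimo/pair
  if (token === null) return false;
  return store.authorize(`Bearer ${token}`); // steps 3 and 4 carry this header
}
console.log("pairing flow ok:", demo());
```

The constant-time comparison and the CSPRNG matter because GET /nimo/health hands the code to anyone who can reach the gateway; if the gateway is bound to the LAN, the lockout is the only thing standing between a neighbouring device and a valid session token.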

Data Flow

Smart Glasses → STT → Companion App → OpenClaw Gateway (this plugin) → AI Agent → Reply → TTS → Glasses

Data does NOT pass through any third-party server. Direct connection to your own Gateway.

Files

7 total
