Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Logfire
v0.1.2
Pydantic Logfire observability — OTEL GenAI traces, tool call spans, token metrics, distributed tracing
⭐ 0 · 601 · 0 current · 0 all-time
by Nick Amabile (@namabile)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description, openclaw.plugin.json schema, SKILL.md, and the TypeScript sources (hooks, otel.ts, metrics, propagation, util) all align: the plugin initializes OTEL export to Pydantic Logfire and instruments OpenClaw hooks. Requiring LOGFIRE_TOKEN as the primary credential is appropriate for a write-only tracing/metrics exporter.
Instruction Scope
Runtime instructions and code indicate the plugin records tool call spans, agent lifecycle spans, and token/latency metrics. By default 'captureToolInput' is true (captures tool arguments) while 'captureToolOutput' and 'captureMessageContent' are false; 'redactSecrets' defaults to true. This is coherent, but capturing tool arguments can inadvertently include sensitive values (file paths, CLI args, inline secrets) — reliance on pattern-based redaction is not a guarantee. Distributed-tracing injection exists but is disabled by default (enabled only if distributedTracing.enabled = true).
Install Mechanism
No arbitrary remote download/install step is embedded in the SKILL.md or plugin manifest; package.json and package-lock are included (npm package), and installation is via OpenClaw plugin mechanism/npm. There are no URLs to strange servers or shorteners for code pulls. The absence of an automated 'install' script in the registry metadata is fine here because the package contains source and an npm package reference.
Credentials
Only LOGFIRE_TOKEN is required as a credential. Optional fallback env vars (LOGFIRE_ENVIRONMENT, LOGFIRE_PROJECT_URL, LOGFIRE_PROVIDER_NAME) are reasonable for configuration. There are no unrelated secrets or numerous credentials requested.
Persistence & Privilege
always:false and no indication the plugin force-enables itself across agents. SKILL.md claims 'no local persistence' (streams traces to OTLP HTTP). The plugin registers OpenClaw hooks (normal for a plugin) and does not appear to modify other plugins' configs or request elevated system privileges.
Assessment
This package appears to do exactly what it claims: export OpenClaw spans/metrics to Pydantic Logfire. Before installing, consider:
1) Trust the destination — traces (even redacted) leave your host to logfire-api.pydantic.dev/eu.
2) Review or test the redaction logic (src/util.ts) if you have high-sensitivity data; pattern-based redaction can miss custom secrets. If unsure, disable captureToolInput or enable stricter redaction in config.
3) Use the EU region option if you need data residency.
4) Treat LOGFIRE_TOKEN like any write key: create a token with minimum scope, rotate it, and avoid embedding it in repos.
5) Deploy to a staging instance first to confirm no unexpected data is emitted.
If you want, I can scan the specific util.ts and otel.ts functions for the exact redaction patterns and any other data-exfil patterns.
Like a lobster shell, security has layers — review code before you run it.
Tags: genai, latest, logfire, observability, opentelemetry, otel, pydantic, tracing
Runtime requirements
Env: LOGFIRE_TOKEN
Primary env: LOGFIRE_TOKEN
