Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
DG-LAB
v1.0.3
An OpenClaw plugin that controls DG-Lab V3 electrostimulation devices via WebSocket with AI-driven commands and emotion-triggered stimulation.
by 枫莹 @fengying1314
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (DG-LAB V3 controller with AI emotion-triggered stimulation) matches the shipped files and runtime behavior: a WebSocket server, QR pairing, waveform library, protocol handling, and an emotion engine that converts assistant replies into stimulation commands. No unrelated credentials or services (AWS, etc.) are requested.
Instruction Scope
SKILL.md and the code direct the agent to run plugin lifecycle actions, start an in-process WebSocket server, read/write plugin data under the user's OpenClaw workspace, generate QR images, and optionally enable an emotion engine that scans AI reply text and can autonomously trigger stimulation. That behavior aligns with the described purpose but grants the agent/tags the plugin scope to analyze assistant replies and send physical-device commands — a capability that carries inherent safety concerns (explicitly warned in the docs).
Install Mechanism
The registry entry contains no formal install spec, but SKILL.md recommends a one‑line curl|bash installer from raw.githubusercontent.com (a common but higher-risk pattern because it downloads and executes a remote script). The package also supports npm install and manual cloning. The distributed JS files are present, which reduces the need for arbitrary remote downloads, but the recommended one‑click installer remains a vector to be cautious about.
Credentials
The skill requires no credentials or special environment variables. It does read/write files under ~/.openclaw (media and plugin data) and expects the host to expose a public IP / open TCP port (default 18888) so the DG-Lab App can connect — that network exposure is necessary for the plugin's stated function but has security implications (publicly reachable WebSocket).
Persistence & Privilege
The plugin registers an in-process service with the OpenClaw Gateway (normal for plugins) and is not marked always:true. However, it exposes agent-invocable tools (dg_shock, dg_pulse_list, qr generation) and an emotion engine that can trigger stimulation from assistant replies. Autonomous invocation plus ability to control a physical device increases risk — this is expected for the plugin's purpose but should be considered before enabling autonomous agents or the emotion mode.
Assessment
This plugin appears to do what it claims (control DG-Lab V3 devices over WebSocket, include an emotion engine that maps assistant replies to stimulation), but it can directly cause physical stimulation and requires opening a public port. Before installing:
- Do not run the one-click curl|bash installer unless you audit the install script on GitHub first — prefer npm install or cloning the repo and reviewing the code.
- Understand that you must open/forward a TCP port (default 18888) so devices can connect; restrict access (use firewall rules, a VPN, or localhost-only with an SSH tunnel) to avoid unauthorized binding.
- The plugin can be invoked by the model (default platform behavior). If you plan to run agents autonomously, explicitly disable or restrict agent permissions for this plugin, or do not enable emotion mode (/dg_emotion) to avoid automatic triggers.
- Set hardware safety limits in the DG-Lab App (the plugin's software limiter is not a safety substitute) and keep initial intensity very low when testing.
- Review the repository/install script and the included JS files (server, protocol, pulselib, emotion) yourself or with someone technical to verify no unexpected remote endpoints or behaviors are present (the QR string references https://www.dungeon-lab.com for the app tag — expected for this ecosystem but note it is an external domain).
If you are not comfortable auditing code or exposing a public WebSocket for a device that delivers electrical stimulation, do not install or run this plugin on a production/connected machine.
