Back to plugin

Security audit

OpenOffice Sync

Security checks across malware telemetry and agentic risk

Overview

OpenOffice Sync is coherent, but by default it automatically sends agent messages and tool-call details to a public HTTP IP gateway and persists sync data, so users should review it before enabling.

Install only if you trust or control the OpenOffice gateway. Before enabling, change gatewayUrl to a trusted HTTPS/self-hosted endpoint, consider disabling message/tool-call sync, reduce detailLevel, and review local and server-side log retention.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.install_untrusted_source

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
openclaw.plugin.json:12
Evidence
"default": "http://14.103.148.99:9199"