Install source points to URL shortener or raw IP.
Warn
- Code
- suspicious.install_untrusted_source
- Location
- openclaw.plugin.json:96
- Evidence
"placeholder": "http://127.0.0.1:3000/oauth2callback",
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a legitimate Google Workspace integration, but it grants broad Google account authority and some write-capable actions are not clearly protected by confirmation or least-privilege scopes.
Install only if you are comfortable granting this plugin access to the selected Google Workspace services. Start with Gmail, Drive, and Sheets in read-only mode, enable write access only for specific needs, verify the OAuth scopes before consenting, and protect the credentials and token files under `~/.openclaw/secrets`.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.install_untrusted_source
"placeholder": "http://127.0.0.1:3000/oauth2callback",