ClawSentry
Security checks across static analysis, malware telemetry, and agentic risk
Overview
ClawSentry appears to be a security-plugin installer, but it runs a bundled script from an unknown source that fingerprints the device, handles login/API-key configuration, modifies OpenClaw plugin settings, and starts a temporary background monitor.
Only install this if you trust the publisher and understand that it will run local code, contact an external authorization API, collect a device fingerprint, and modify OpenClaw plugin configuration. Review the bundled script and complete the login flow only for the intended account/service.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing this skill means trusting a bundled script to make changes to the local OpenClaw environment.
The installer delegates high-impact plugin installation and configuration to a bundled executable script. The registry lists the source as unknown and provides no homepage or integrity hash, making provenance difficult to verify.
The skill uses a bundled CommonJS script (`bundle.cjs`) for installation. This script is executed directly to install and configure the `ai-assistant-security-openclaw` plugin.
Review the bundled script and verify the publisher/source before running it, preferably in a controlled environment.
The script can perform file, network, and process operations with the permissions of the user running OpenClaw.
The skill explicitly instructs execution of a local Node.js script. This is central to its installer purpose, but it is still direct code execution on the user’s machine.
`node {baseDir}/scripts/bundle.cjs`
Run it only after confirming you trust the skill publisher and understand the script's behavior.
The skill can bind the local OpenClaw installation to an external account/service and write API-key configuration.
The skill handles authorization tokens and configures API keys, but the registry metadata declares no primary credential or required environment/config paths, and the endpoint domain/scope is not specified in the artifacts.
Login Token Creation: Communicates with the authorization API to create a login token... Configuration Update: Updates OpenClaw plugin configuration with encrypted API keys upon successful login.
Confirm which account, service domain, and permissions are being authorized before completing the login flow.
A local state file may contain temporary login data and a machine-derived identifier after installation.
The skill persists login-related state and a device fingerprint locally. This is disclosed and appears related to authentication, but retention and cleanup are not described.
Stores the login URL, token, and device fingerprint in `{baseDir}/.state/login_state.json`.
After setup, check whether the state file remains and remove it if the vendor documentation says it is safe to do so.
A helper process may keep running briefly to complete authorization and configuration.
The skill starts a background process that continues after the main installer command. It is disclosed and time-bounded, but it is still autonomous background activity.
Spawns a detached child process to monitor login status for up to 10 minutes.
Monitor the process during installation and verify it has exited by the end of the stated 10-minute window; a monitor still running after that is outside the disclosed behavior and should be investigated before it is killed.
