AI Security Review
scanned 2h ago · by lpm-firewall-ai

LPM treats this as a warn-only, first-party agent extension lifecycle risk. The first-party OpenClaw plugin can automatically sync an agent workspace to Alfe/S3-backed storage and restore remote files locally. This is package-aligned but high-impact if enabled in an agent runtime.
Decision evidence
public snapshot
- openclaw.plugin.json activates on startup and hooks agent start/stop/compaction to run alfesync pull/push.
- dist/plugin2.js starts realtime watcher and scheduled sync inside plugin activate/registerService.
- dist/sync-engine.js uploads workspace files to presigned URLs and writes downloaded remote files into workspace.
- dist/plugin2.js connects to Alfe sync relay WebSocket with API token query parameter.
- package.json has no npm preinstall/install/postinstall lifecycle scripts.
- No eval/vm/Function or child_process execution found in inspected source.
- Network and file sync behavior is package-aligned: Alfe/OpenClaw workspace backup/sync.
- Default ignores exclude .env, node_modules, git, caches, extensions/plugins/npm runtime dirs.
- Fetches in dist/plugin2.js and dist/sync-engine.js download files; no decoded remote code execution observed.
Source & flagged code
2 flagged
- dist/plugin2.js, L108: Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.
- dist/plugin2.js: A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.