AI Security Review
scanned 3h ago · by lpm-firewall-ai
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot
- dist/src/commands.js cmdSetup explicitly writes OpenClaw config: plugins.allow, plugins.entries.*.enabled, bindings, tools.alsoAllow.
- dist/index.js register() registers AC2 tools/commands and starts runtime side effects outside CLI mode, including Liquid Auth/WebRTC resume listeners.
- dist/src/x402-core.js exposes agent tools that fetch caller-supplied baseURL/path and can make paid x402 requests after wallet signing.
- dist/src/agent-identity.js creates and stores a plugin agent private key under ~/.openclaw/plugins/ac2-plugin-openclaw/agent-key.json.
- package.json has no preinstall/install/postinstall hooks; only prepublishOnly build script.
- Config mutation is shell CLI-only via `openclaw ac2 setup`, not automatic at npm install/import time.
- Network endpoints are package-aligned defaults or user/tool supplied: liquidauth.goplausible.xyz, facilitator.goplausible.xyz, Nodely algod, and explicit baseURL.
- Wallet payment/signing flow uses connected AC2 wallet approval; no local wallet secret harvesting was found.
- No child_process, eval/vm/Function, remote code loading, destructive filesystem behavior, or credential exfiltration found.
Source & flagged code
4 flagged
- dist/src/commands.js
- dist/index.js
- dist/src/x402-core.js
- dist/src/agent-identity.js