AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a broad OpenClaw adapter that starts/proxies a local Forge runtime and exposes Forge tools/routes; risky primitives are aligned with that purpose.
Decision evidence
public snapshot- package.json has no install/preinstall/postinstall lifecycle scripts; only build script is present.
- openclaw.plugin.json declares a Forge/OpenClaw plugin with startup/tool activation and sensitive apiToken UI config.
- dist/openclaw/local-runtime.js starts a localhost Forge runtime, writes state/logs under ~/.openclaw, and uses npm install --ignore-scripts only when packaged runtime deps are missing.
- dist/openclaw/api-client.js sends configured apiToken only to configured Forge baseUrl and bootstraps cookies only for localhost/Tailscale hosts.
- dist/openclaw/session-bootstrap.js injects generated Forge context into agent bootstrapFiles, controlled by config injectBootstrapContext and plugin activation.
- dist/server/apps/api/src/health-weight-loss.js external fetches are nutrition lookups to OpenFoodFacts and USDA FDC, not credential exfiltration.
Source & flagged code
7 flagged · loading sourcePackage source references child process execution.
dist/openclaw/local-runtime.jsView on unpkg · L1A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/openclaw/local-runtime.jsView on unpkg · L509Package source references dynamic require/import behavior.
dist/assets/motion-Ca-ssBb_.jsView on unpkg · L8Package source references weak cryptographic algorithms.
dist/openclaw/session-registry.jsView on unpkg · L52Source appears to send environment or credential material to an external endpoint.
dist/server/apps/api/src/health-weight-loss.jsView on unpkg · L252