AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. This is a first-party OpenClaw channel extension and explicitly invoked daemon. At runtime it bridges BGOS messages to a configured local OpenClaw gateway and can persist a user-approved pairing token. No install-time mutation or concrete malicious payload was established.
Decision evidence
public snapshot- `package.json` registers an OpenClaw extension and setup entry.
- `dist/pair-cli.js` writes BGOS pairing credentials to `~/.openclaw/secrets/bgos.json` after explicit pairing.
- `dist/daemon.js` forwards BGOS inbound messages to a local OpenClaw gateway and starts a localhost peers API.
- `dist/bgos-api.js` sends pairing-authenticated requests to the configured BGOS API.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- No child-process, shell, eval, Function, dynamic import, or binary-loading primitive was found in `dist/*.js`.
- Credential persistence is only reached through explicit `--pair` flows and uses mode `0600`.
- `dist/peers-server.js` binds to `127.0.0.1` and defaults to per-process bearer authentication.
- Network behavior is consistent with the declared BGOS/OpenClaw channel bridge.
Source & flagged code
4 flagged · loading source`package.json` registers an OpenClaw extension and setup entry.
package.jsonView on unpkg`dist/pair-cli.js` writes BGOS pairing credentials to `~/.openclaw/secrets/bgos.json` after explicit pairing.
dist/pair-cli.jsView on unpkg`dist/daemon.js` forwards BGOS inbound messages to a local OpenClaw gateway and starts a localhost peers API.
dist/daemon.jsView on unpkg`dist/bgos-api.js` sends pairing-authenticated requests to the configured BGOS API.
dist/bgos-api.jsView on unpkg