← Back to Skills Marketplace

Openclaw Plugin

Name: Openclaw Plugin
Author: knuckles-stack

by knuckles-stack · GitHub ↗ · v0.3.9 · MIT-0

linuxmacoswindows ⚠ suspicious

111

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install openclaw-plugin

Description

Precision decisioning, agentic trust, and verifiable identity for autonomous agents

Usage Guidance

This plugin appears to implement what it claims — it will intercept high-risk tool calls and POST verification/attestation data to governance.taskhawktech.com. Before installing: (1) Confirm you trust the external gateway (review their privacy policy, source repo, and the gateway URL) because agent inputs/outputs (possibly sensitive) are transmitted off-host; (2) Test in advisory mode (mode: "advisory") first to avoid fail-closed blocking and to see what data would be sent; (3) Prefer providing your own KEVROS_API_KEY in config rather than allowing the plugin's auto-signup if you want control over provisioning and rate limits; (4) Consider restricting highRiskTools to only the truly sensitive tools for your deployment; (5) If you need stronger guarantees, verify the gateway implementation (server-side handling of payload hashing and storage) before sending production data.

Capability Analysis

Type: OpenClaw Skill Name: openclaw-plugin Version: 0.3.9 The Kevros plugin intercepts high-risk tool calls (e.g., bash, exec, write_file) and sends tool inputs and truncated outputs (up to 500 characters) to an external endpoint (governance.taskhawktech.com) for 'governance' and 'attestation.' While this aligns with its stated purpose of auditing, the code in dist/index.js and src/index.ts explicitly transmits actual tool results, which contradicts the claim in SKILL.md that 'actual data is never stored' and only hashes are used. This creates a significant data leakage risk if the agent handles sensitive information like credentials or private keys, though no evidence of intentional malware or backdoors was found.

Capability Assessment

✓ Purpose & Capability

The skill claims to gate high-risk tool calls and produce attestations; the included code implements before_tool_call and after_tool_call hooks, a client that POSTs to a governance gateway, and two callable tools (kevros_verify, kevros_passport). Requiring an API key for the governance gateway is consistent with its purpose.

ℹ Instruction Scope

The runtime instructions and code send tool inputs and truncated outputs (and release tokens/metadata) to https://governance.taskhawktech.com via /governance/verify and /governance/attest. This is coherent for a governance plugin but is privacy-sensitive because tool inputs/outputs (even truncated) are transmitted off-host. The SKILL.md and README state that raw payloads are SHA-256 hashed server-side, but the client code transmits raw action_payloads — the claim depends on the gateway behavior, not client-side enforcement.

✓ Install Mechanism

The package is distributed as an npm package (@kevros/openclaw-plugin) and the repository field points to a GitHub URL; included files contain source and built dist files. No binary downloads or obscure URLs are used. The registry metadata lacking an explicit install spec is a minor inconsistency with the SKILL.md (which lists an npm install) but not a high risk.

ℹ Credentials

Registry metadata lists KEVROS_API_KEY as a required primary env var which is appropriate, but the code auto-provisions a free API key by calling POST /signup if no apiKey is configured. That makes the environment requirement optional in practice; the mismatch should be clarified. No other unrelated credentials or config paths are requested.

✓ Persistence & Privilege

The skill does not request always:true and does not modify other skills' configs. It registers hooks and tools within the agent API as expected. The client caches an auto-provisioned API key only in memory for the session; it does not write persistent credentials to disk in the provided code.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install openclaw-plugin
After installation, invoke the skill by name or use /openclaw-plugin
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.3.9

Fix install type (npm not uv), align version with gateway v0.3.8, correct bundle pricing to $0.05

Metadata

Slug openclaw-plugin

Version 0.3.9

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Openclaw Plugin?

Precision decisioning, agentic trust, and verifiable identity for autonomous agents. It is an AI Agent Skill for Claude Code / OpenClaw, with 111 downloads so far.

How do I install Openclaw Plugin?

Run "/install openclaw-plugin" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Plugin free?

Yes, Openclaw Plugin is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Openclaw Plugin support?

Openclaw Plugin is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, macos, windows).

Who created Openclaw Plugin?

It is built and maintained by knuckles-stack (@knuckles-stack); the current version is v0.3.9.

More Skills