Pluginv0.7.1

Static analysis security

Aigroup Lead Discovery Openclaw Release · Deterministic local checks for risky code patterns and metadata mismatches.

SuspiciousApr 19, 2026, 4:41 PM

warnscripts/mcp_compat/prime_matrix_stdio_bridge.mjs:10

File read combined with network send (possible exfiltration).

fs.readFileSync(path.join(os.homedir(), ".openclaw", "openclaw.json"), "utf8"),

warnscripts/mcp_compat/tianyancha_stdio_bridge.mjs:10

File read combined with network send (possible exfiltration).

fs.readFileSync(path.join(os.homedir(), ".openclaw", "openclaw.json"), "utf8"),