Plugin v0.1.1
ClawScan security
OpenClaw Auth Wiper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 9:00 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requested access are consistent with a local OpenClaw model-auth reset utility and do not request unrelated credentials or network access.
- Guidance: This appears to be a legitimate, narrowly scoped utility. Before running:
  1) Always run the dry-run first (npx openclaw-auth-wiper --dry-run) and inspect the report.
  2) Verify the backup folder (~/.openclaw/.auth-wiper-backups/<timestamp>) contains expected backups before applying.
  3) Prefer running npx (or inspect the dist/ source) rather than blindly installing global packages.
  4) Confirm you trust the publisher (Growthcircle.id) and your OpenClaw version compatibility.
  5) Be cautious using --all-agents or --apply --yes on multi-user systems: this will affect every agent under the OpenClaw home.
  If you want extra assurance, review the dist/wiper.js transform functions in this repo locally to confirm the exact JSON fields that will be removed.
Review Dimensions
- Purpose & Capability: ok. Name/description promise (wipe only model/auth and related state) matches the code and SKILL.md: targets files under ~/.openclaw, registers a plugin command, and exposes a CLI; nothing in the repository or manifest requests unrelated services or credentials.
- Instruction Scope: ok. Runtime instructions restrict actions to OpenClaw auth/model files, recommend dry-run first, require confirmation for destructive runs, and explicitly state what is never touched (channels, gateway tokens, logs, transcripts, etc.). The code implements allowlists, symlink refusal, backups, and atomic writes as described.
- Install Mechanism: ok. No download-from-URL or other high-risk install steps are present. Distribution is via npm/ClawHub/GitHub (package.json, openclaw.plugin.json, dist/ files included). There is no arbitrary remote fetch in the runtime code.
- Credentials: ok. The skill requires no environment credentials and only optionally reads OPENCLAW_HOME (documented). It operates on local OpenClaw configuration paths only; no unrelated env vars, keys, or tokens are requested.
- Persistence & Privilege: ok. The package does not request forced persistent inclusion (always:false). It registers a command and tool via the plugin API (normal for plugins). No code modifies other skills' configs or requests elevated system-wide privileges.
