Plugin v1.0.3

ClawScan security

MOVA · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 3, 2026, 9:38 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The plugin's code, documentation, and declared config are internally consistent with its stated purpose (HITL contract execution); the main risk is that you must trust the remote MOVA API with your LLM key and contract data.
Guidance
This plugin appears to do what it says: it routes contract inputs to a MOVA API which proxies LLM calls to OpenRouter. Before installing, decide whether you trust the MOVA service (default baseUrl https://api.mova-lab.eu) with: (1) your OpenRouter API key (llmKey) and (2) any contract inputs or audit metadata you will send. If you are uncomfortable: use the provided test MOVA apiKey for non-production work, host your own MOVA instance by overriding baseUrl, or create a limited/billing-restricted OpenRouter key for use with MOVA. Rotate keys after testing, review MOVA's privacy/audit retention policies, and avoid submitting highly sensitive secrets inside contract inputs unless you have organizational approval. Note: the plugin requires plugin-config credentials (apiKey and llmKey) — these are not environment variables but will be stored in OpenClaw plugin config.

Review Dimensions

Purpose & Capability
ok · Name/description, openclaw.plugin.json, SKILL.md and the JS code align: the plugin implements MOVA contract runtime helpers, calls a MOVA API (configurable baseUrl) and expects an apiKey and an OpenRouter llmKey. There are no unrelated binaries, env vars, or filesystem requirements.
Instruction Scope
ok · Runtime instructions and code only direct network calls to the configured MOVA API (default https://api.mova-lab.eu). SKILL.md does not instruct the agent to read unrelated local files, environment variables, or to exfiltrate data beyond the documented MOVA/OpenRouter flow.
Install Mechanism
ok · No external download/extract/install steps are present in the registry metadata; this is an instruction-only plugin package with bundled dist/ files. No high-risk installers or remote archives are used.
Credentials
note · The plugin requires two config credentials (MOVA apiKey and an OpenRouter llmKey) which are appropriate for its function. However, the llmKey is sent to the MOVA API (which then proxies calls to OpenRouter), so providing your LLM key requires trusting the MOVA service. The registry top-level 'Required env vars: none' is correct (these are plugin config fields, not environment variables) but could be confusing to non-technical users.
Persistence & Privilege
ok · The plugin does not request always:true and does not request fileIO or shell execution. It stores credentials in the plugin config (normal). Autonomous invocation is allowed (platform default) but is not combined with unusual privileges.