Plugin v0.1.1
ClawScan security
Wrok Career Platform · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 5, 2026, 5:19 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The plugin's code and instructions mostly match its stated purpose (managing a Wrok account) but registry metadata omits the required Wrok API key and there are a few small inconsistencies that should be clarified before installing.
- Guidance: This plugin appears to do what it says (manage Wrok account data) and talks only to the Wrok API, but the package/registry metadata incorrectly omits the required Wrok API key. Before installing, verify you trust the author and the API host (wrok-agent.fly.dev). Understand that supplying a wrok_sk_* API key gives the plugin full account-level powers (create/revoke API keys, reset/delete data, publish/unpublish profile/blog, delete resumes). If you proceed: (1) only use an account dedicated for automation if you want to limit blast radius, (2) confirm the base API URL is correct and trusted, (3) review and test the plugin with a non-production account, and (4) ask the maintainer to fix the manifest to explicitly declare required env vars (WROK_API_KEY, optional WROK_API_URL) so users are not misled. If you see unexpected activity, rotate/revoke the API key immediately.
- Findings: [pre-scan-injection-none] expected: No pre-scan injection signals were detected. This is consistent with an API-client plugin, but absence of findings does not remove the manifest inconsistencies discussed above.
Review Dimensions
- Purpose & Capability
- note: The plugin is a client for the Wrok headless API and exposes account/profile/blog/job tools that align with the description. However, the published registry metadata claims no required environment variables or primary credential, while both the SKILL.md and the code expect an API key (WROK_API_KEY or plugin config apiKey). This mismatch is an incoherence in the manifest.
- Instruction Scope
- ok: SKILL.md instructs only how to install/configure and how to obtain/store the Wrok API key and points at the wrok-agent.fly.dev API. Runtime instructions and examples are limited to calling the Wrok API and managing account data; they do not instruct reading unrelated local files or exfiltrating data to unexpected endpoints.
- Install Mechanism
- ok: No remote download/install-from-URL is used in the plugin metadata; it is a normal OpenClaw plugin built from the repo (npm build). The code is included in the package (TypeScript source + build step). No arbitrary external archive or shortener URLs were found in the manifest.
- Credentials
- concern: The plugin requires an account-level Wrok API key (wrok_sk_*) to operate; this is appropriate for the functionality. But the registry metadata lists no required env vars or primary credential, which is incorrect and could mislead users into not supplying/rotating the key correctly. The code also reads process.env.WROK_API_URL for overriding the base URL; this env var is not documented in the manifest. The plugin exposes destructive account-level tools (e.g., reset_all_data, delete_all_resumes), so providing an account API key grants broad account access.
- Persistence & Privilege
- ok: The plugin is not marked always:true and does not request system-wide privileges. It can run autonomously (normal for skills), but there are no signs it modifies other plugins or system config. The biggest privilege is account-level access via the API key (expected for this plugin).
