Plugin v2026.1.0
ClawScan security
VK Bots Channel Plugin · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 27, 2026, 2:14 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This plugin’s code, docs, and runtime instructions are coherent with a VK Long Poll channel plugin; nothing in the bundle indicates behavior beyond its stated purpose, though the README/SKILL.md mentions a VK token that the registry metadata does not list as a required env var (documentation/metadata mismatch).
- Guidance: This plugin appears to be what it says: a VK Long Poll channel for OpenClaw. Before installing:
  1. Be prepared to provide a VK group token (the README/runbook references VK_GROUP_TOKEN or a token file) and store it securely — avoid placing tokens in world-readable locations like /root if you don't intend to run as root.
  2. Verify you are installing the published npm package (openclaw-vkbots-plugin) or from a trusted local checkout; review the package contents if you need extra assurance.
  3. The repo includes CI/publish workflows that reference NPM/GitHub secrets (NPM_TOKEN, GITHUB_TOKEN) for publishing; those are normal for releases and not needed to run the plugin.
  4. If you need a stricter inventory, check src/token.ts and src/monitor.js (or other runtime files) for any additional network endpoints or logging behavior; from the provided files the plugin talks only to VK endpoints.
  5. If the environment metadata in the registry matters for automation, note the package did not list the VK token in required env vars — add that to your provisioning docs or ask the maintainer to update metadata.
Review Dimensions
- Purpose & Capability (ok): Name/description, code, and tests align: the package implements a VK Long Poll direct-message channel, calls VK APIs (api.vk.com), supports token configuration and pairing, and contains channel lifecycle and send/monitor logic. Declared package dependencies are minimal (zod); the larger dependency list in the lockfile comes from dev/peer dependencies (openclaw, test/tooling) and is expected for a plugin repo.
- Instruction Scope (ok): SKILL.md and README instruct only plugin install, channel add, local testing, and how to supply a VK group token (env, token file, or direct config). The runtime instructions and runbook reference only OpenClaw CLI commands and local secret storage; they do not instruct reading unrelated system files or exfiltrating data to unexpected endpoints. The code shown makes requests only to VK APIs and long-poll servers.
- Install Mechanism (ok): No external downloads or remote install URLs are used in the package metadata; install is via the OpenClaw plugin mechanism (npm or local path). The repository includes standard Node project/CI files and no extract-from-arbitrary-URL install steps.
- Credentials (note): The registry metadata lists no required env vars, but the documentation and runbook explicitly describe supplying a VK group token (e.g., VK_GROUP_TOKEN, direct config, or a token file such as /root/.openclaw/workspace/secrets/vk-token.txt). That is reasonable and expected for a VK bot plugin, but the metadata should declare the token requirement so users know a secret is needed before install. No unrelated credentials (AWS, NPM tokens) are required at runtime by the plugin itself; other tokens referenced in CI (NPM_TOKEN, GITHUB_TOKEN) are for publishing workflows only.
- Persistence & Privilege (ok): Flags are default: always:false and user-invocable:true. The plugin does not request permanent global inclusion and does not modify other plugins or system-wide agent configuration outside its own setup entry.
