Latest release: v2026.5.28Download zip
Capabilities
Compatibility
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The capability is coherent with a model-provider plugin: it registers Amazon Bedrock Mantle support and sends prompts plus provider credentials to the configured model endpoint as part of inference.
Instruction Scope
No artifact-backed evidence shows hidden agent instructions, prompt override behavior, unrelated data access, destructive actions, or user-control bypass.
Install Mechanism
The package is from the trusted @openclaw publisher context and the observed package metadata describes a normal npm/ClawHub plugin distribution without install-time script concerns.
Credentials
The plugin uses sensitive AWS/Mantle bearer credentials and transmits model context to a remote provider, but that is expected and proportionate for a remote LLM provider integration.
Persistence & Privilege
The provider may use discovery caching or token refresh behavior, but there is no evidence of broad persistence, privilege escalation, local indexing, or background mutation outside the provider purpose.
Scan Findings in Context
[SQP-2] expected: The flagged Anthropic SDK browser-access options and auth-bearing request path are sensitive, but the reviewed context supports this as provider runtime code for a model endpoint, not evidence that secrets are exposed to an arbitrary browser page or exfiltrated outside the intended provider flow.
Assessment
Install this only if you intend OpenClaw to use Amazon Bedrock Mantle models. Treat configured AWS_BEARER_TOKEN_BEDROCK or IAM credentials as sensitive, and expect prompts, attachments included in model context, and generated outputs to be sent to the configured Mantle provider endpoint during model calls.dist/discovery.js:210
File appears to expose a hardcoded API secret or token.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.