Latest release: v0.1.59Download zip
Capabilities
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The plugin-install, host-configuration, MCP, and hook setup behavior is coherent with an OpenClaw installer for Hi, but it is high-impact because it changes how the local agent host receives and routes events.
Instruction Scope
The skill instructs the agent to normalize a suspicious/review prompt and tell the user to approve it, which can reduce meaningful user review of a high-impact installation.
Install Mechanism
Installer comments explicitly describe avoiding the OpenClaw plugin install scanner and moving dependency preparation into a prebundled vendor path, creating a supply-chain/provenance concern even though the stated goal is installation.
Credentials
The installer defaults to an external Hi platform URL over plain HTTP, while the skill tells the agent not to ask the user to choose an environment or URL.
Persistence & Privilege
The installer persistently writes OpenClaw hooks and MCP server config and uses session/reply-routing values; this is expected for the stated install purpose but should be explicitly approved by the user.
Scan Findings in Context
[static-scan:clean] expected: The static scanner reported no suspicious patterns; the review concerns come from explicit artifact instructions, installer comments, and configuration/network behavior.
What to consider before installing
Before installing, review the source and only approve the OpenClaw warning if you are comfortable with Hi modifying persistent OpenClaw hooks/MCP config, using session/reply-routing information, and connecting to the default Hi service. Prefer HTTPS or an explicitly verified endpoint, and back up your OpenClaw config first.