Code Pluginsource linked
Packagev2026.4.13
OpenClaw OpenViking-backed long-term memory plugin (install to ~/.openclaw/extensions)
Community code plugin. Review compatibility and verification before install.openclaw plugins install clawhub:@openclaw/openvikingLatest release: v2026.4.13Download zip
Capabilities
- configSchema
- Yes
- Executes code
- Yes
- HTTP routes
- 0
- Plugin kind
- context-engine
- Runtime ID
- openviking
Compatibility
- Built With Open Claw Version
- 2026.3.7
- Min Gateway Version
- 2026.3.7
- Plugin Api Range
- >=2026.3.7
- Plugin Sdk Version
- 2026.3.7
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description describe a long-term memory OpenViking plugin and the included TypeScript files implement a client, context-engine, process manager, and config schema for running either a local OpenViking subprocess or a remote OpenViking HTTP server. Required env/config (OPENVIKING_BASE_URL, OPENVIKING_API_KEY, config path under ~/.openviking) are consistent with that purpose.
Instruction Scope
The SKILL.md content is essentially package metadata (package.json) and the runtime code acts within expected boundaries: reading plugin config, optionally reading ~/.openviking/ov.conf, starting a local OpenViking subprocess, and issuing HTTP requests to the configured OpenViking baseUrl (/api/v1/* endpoints). There are no unexplained instructions to read unrelated system secrets or to post data to unexpected third-party endpoints (default baseUrl is localhost).
Install Mechanism
There is no separate install spec in the registry entry, but package.json and install-manifest.json indicate an npm install (omitDev true). This is a standard, low-risk install path (pulls @sinclair/typebox). No downloads from arbitrary URLs or extract-from-URL steps are present. Users should expect npm to run and node packages to be installed.
Credentials
The code optionally uses OPENVIKING_API_KEY, OPENVIKING_BASE_URL/OPENVIKING_URL, and several debug flags (OPENVIKING_LOG_ROUTING, OPENVIKING_DEBUG). These are directly relevant. The plugin reads files under the user's home (~/.openviking/ov.conf) and may write diagnostics in local mode; no unrelated credentials (AWS, GCP, etc.) are requested.
Persistence & Privilege
The skill is not always-enabled (always: false). It can be invoked autonomously (default), which is expected for a context engine plugin. It may start a local subprocess and read/write its own config under the user's home, but it does not request system-wide privileges or modify other skills.
Assessment
This skill appears coherent with its stated purpose. Before installing, consider: 1) If you set mode=remote or change baseUrl, conversation content and extracted memories will be sent to that remote server — only configure a remote URL and API key if you trust the target. 2) In local mode the plugin may start a subprocess (OpenViking) and read ~/.openviking/ov.conf; review that config file and ensure it does not reference sensitive endpoints you don't trust. 3) npm install will run to fetch dependencies; review package.json if you require stricter supply-chain control. 4) If you want to limit data leaving the agent, disable autoCapture/autoRecall or tighten bypassSessionPatterns. Overall the code looks consistent and proportional to a memory plugin, but you should audit any remote server you point it at and the ov.conf contents before use.openclaw.plugin.json:22
Install source points to URL shortener or raw IP.
process-manager.ts:1
File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.Verification
- Tier
- source linked
- Scope
- artifact only
- Summary
- Validated package structure and linked the release to source metadata.
- Commit
- cd978a2c4a17
- Tag
- cd978a2c4a172d6eb8318cab3f4b7ee17c486848
- Provenance
- No
- Scan status
- pending
Tags
- dev
- 2026.4.14-dev.6
- latest
- 2026.4.13
- test
- 2026.4.14-test.2