Strake
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This plugin appears to do what it says: it registers Strake as an OpenClaw model provider and uses a Strake endpoint and token to proxy model requests.
This looks like a legitimate provider plugin, not a malicious skill. Before installing, make sure you trust Strake to hold the upstream API key, verify the STRAKE_BASE_URL value, and prefer short-lived or easily revocable tokens rather than long-lived secrets in shell profiles.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
No visible risk-analysis findings were reported for this release.