// npm 패키지
openclaw-foundry-core
The forge that forges itself — self-writing meta-extension for OpenClaw
버전
2
메인테이너
1
라이선스
MIT
최초 publish
2026-06-04
publisher
xdemocle
tarball
726,640 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-06-04
// exfil path
what is read → where it ships
steals
- ● AI API keys
- ● Chromium logins
sends to
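(no destination string extracted — payload may be dynamic / obfuscated; the evidence lines below show only the package's default LLM base URL and a child_process import, so the exfiltration endpoint is not confirmed by the excerpts on this page)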
evidence in excerpt
> "default": "https://api.anthropic.com"
> import { spawn, exec } from "node:child_process";
> "default": "https://api.anthropic.com"
// offending code · @1.0.0 · 3 files flagged
llm: malicious · 0.95 → 크리덴셜 읽기 (reads-ai-api-keys) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
- @1.0.0 · AUTO-PUBLISHED · publisher: xdemocle
  heuristic 40/100 · static flags 7 · llm malicious (0.95) via fast-track
  new-publisher:0d · first-version-suspicious-publisher · has-source-repo · reads-ai-api-keys · reads-chromium-creds · webhook-bin · eval-dynamic · function-constructor · child-process-spawn · reads-env-vars
→ 크리덴셜 읽기 (reads-ai-api-keys) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
// offending code · 3 files flagged · patterns: 7
--- install scripts --- ### prepare npm run build ### prepublishOnly npm run clean && npm run build --- package/clawdbot.plugin.json (excerpt) --- { "id": "openclaw-foundry-core", "name": "Foundry", "description": "Self-writing meta-extension that forges new capabilities — researches docs, writes extensions, tools, hooks, and skills", "version": "0.2.3", "repository": "github:xdemocle/openclaw-foundry-core", "skills": ["./skills"], "configSchema": { "type": "object", "additionalProperties": false, "properties": { "dataDir": { "type": "string", "description": "Directory to store forged artifacts (default: ~/.openclaw/foundry)" }, "openclawPath": { "type": "string", "description": "Path to a local OpenClaw checkout for loading local docs (optional)" }, "llmApiKey": { "type": "string", "description": "API key for LLM-backed features (ADAS / meta search). Prefer the ANTHROPIC_API_KEY env var over storing it here." }, "llmBaseUrl": { "type": "string", "description": "Anthropic-compatible LLM API base URL", "default": "https://api.anthropic.com" }, "llmModel": { "type": "string", "description": "Model id for LLM-backed features", "default": "claude-3-5-sonnet-latest" } } }, "uiHints": { "dataDir": { "label": "Data Directory", "placeholder": "~/.openclaw/foundry" }, "openclawPath": { "label": "OpenClaw Path", "placeholder": "/path/to/openclaw" }, "llmApiKey": { "label": "LLM API Key", "sensitive": --- package/index.ts (excerpt) --- /** * Foundry — Self-writing coding subagent for OpenClaw. * * A meta-extension that researches best practices and writes code into: * - OpenClaw extensions (tools, hooks) * - Skills (SKILL.md + api.ts) * - The extension itself * * Grounded in docs.openclaw.ai/llms.txt — fetches documentation on demand. 
* * Tools: * foundry_research — Search docs.openclaw.ai for best practices * foundry_implement — Research + implement a capability * foundry_write_extension — Write a new OpenClaw extension * foundry_write_skill — Write a skill package * foundry_add_tool — Add a tool to an existing extension * foundry_add_hook — Add a hook to an existing extension * foundry_list — List written extensions/skills * foundry_docs — Read OpenClaw plugin/hooks documentation */ import type { ClawdbotPluginApi, ClawdbotPluginToolContext, } from "clawdbot/plugin-sdk"; import { existsSync, mkdirSync, readFileSync, writeFileSync, readdirSync, unlinkSync, rmSync, renameSync, } from "node:fs"; import { spawn, exec } from "node:child_process"; import { join } from "node:path"; import { homedir } from "node:os"; import { fileURLToPath } from "node:url"; // Atomic JSON write: serialize to a temp sibling then rename (atomic on POSIX) // so a crash mid-write cannot truncate or corrupt the destination file. function atomicWriteJson(path: string, data: unknown): void { const tmp = `${path}.tmp`; writeFileSync(tmp, JSON.st --- package/openclaw.plugin.json (excerpt) --- { "id": "openclaw-foundry-core", "name": "Foundry", "description": "Self-writing meta-extension that forges new capabilities — researches docs, writes extensions, tools, hooks, and skills", "version": "0.2.3", "repository": "github:xdemocle/openclaw-foundry-core", "skills": ["./skills"], "configSchema": { "type": "object", "additionalProperties": false, "properties": { "dataDir": { "type": "string", "description": "Directory to store forged artifacts (default: ~/.openclaw/foundry)" }, "openclawPath": { "type": "string", "description": "Path to a local OpenClaw checkout for loading local docs (optional)" }, "llmApiKey": { "type": "string", "description": "API key for LLM-backed features (ADAS / meta search). Prefer the ANTHROPIC_API_KEY env var over storing it here." 
}, "llmBaseUrl": { "type": "string", "description": "Anthropic-compatible LLM API base URL", "default": "https://api.anthropic.com" }, "llmModel": { "type": "string", "description": "Model id for LLM-backed features", "default": "claude-3-5-sonnet-latest" } } }, "uiHints": { "dataDir": { "label": "Data Directory", "placeholder": "~/.openclaw/foundry" }, "openclawPath": { "label": "OpenClaw Path", "placeholder": "/path/to/openclaw" }, "llmApiKey": { "label": "LLM API Key", "sensitive":
