openclaw-setup

SUSPICIOUS. The general OpenClaw custom-provider setup is plausible, but the skill’s actual data flow is not coherent with a normal Anthropic integration: it routes an Anthropic API key to a third-party ZKnow endpoint, with an example raw IP over plain HTTP. The main risk is credential forwarding and insecure transport, not malware payload execution.