Is BlockRunAI/ClawRouter safe?

https://github.com/BlockRunAI/ClawRouter

94
SAFE

ClawRouter is a legitimate LLM routing plugin that optimizes inference costs by directing requests to appropriate models. The skill operates as a local proxy, implements x402 micropayments using local wallet key signing, and connects to blockrun.ai for payment settlement. No malicious behaviors detected - all network/file accesses are documented operational requirements.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (2)

INFO Wallet key access for payment signing 0

The skill reads BLOCKRUN_WALLET_KEY from the environment to sign EIP-712 payment transactions for the x402 micropayment protocol. This is required and documented behavior - the private key is used locally for cryptographic signing and never leaves the machine.

INFO Network calls to BlockRun API 0

The skill makes network requests to blockrun.ai for routing decisions and payment settlement. This is the intended operational behavior documented in the architecture.