Back to plugin

Security audit

Codex

Security checks across malware telemetry and agentic risk

Overview

This official OpenClaw Codex plugin has powerful Codex runtime controls, but they are disclosed and fit its purpose.

Install this if you want OpenClaw to run Codex-backed agents. Review advanced settings before enabling user home sharing, danger-full-access/yolo permissions, native Codex plugins, computer-use auto-install, remote WebSocket app-server endpoints, or diagnostics upload, because those options can expose local files, credentials, or connected app actions to Codex workflows.

VirusTotal

62/62 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/command-rpc-eLM_mtC7.js:424
Evidence
const child = spawn(invocation.command, invocation.args, {

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/run-attempt-FUyOjGCV.js:1485
Evidence
const child = spawn(command, args, {

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/shared-client-4ICy3U6d.js:93
Evidence
return spawn(invocation.command, invocation.args, {