Back to plugin

Security audit

Codex SDK Runtime

Security checks across malware telemetry and agentic risk

Overview

This appears to be what it claims—a Codex runtime for OpenClaw—but it gives Codex a configurable backchannel into OpenClaw that users should understand before enabling.

Install this only if you want Codex to become an OpenClaw runtime and to receive OpenClaw context through the backchannel. Keep inheritEnv disabled unless you have a specific reason, keep backchannel allowedMethods/readMethods narrow, do not set apiKeyEnv to an unrelated secret, and only use --auth none on loopback test gateways as the docs warn.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.exposed_secret_literal

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
src/backchannel-server.test.ts:30
Evidence
const child = spawn(process.execPath, [serverPath], {

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
src/backchannel-settings.mjs:122
Evidence
...([REDACTED] ? { password: [REDACTED] } : {}),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
src/runtime.test.ts:333
Evidence
process.env.GITHUB_TOKEN = "[REDACTED]";