Back to plugin

Security audit

OpenClaw Plugin For Codex App Server

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real OpenClaw-to-Codex bridge, and its powerful behaviors match what it says it does.

Install this only if you want Telegram or Discord conversations to control your local Codex threads. Be especially careful with bound chats and the Full Access/yolo permission controls, because they can allow Codex to act more freely in the selected workspace. Also verify any configured WebSocket URL, auth token, headers, command, and args are ones you trust. Confidence is medium because some source files were truncated or omitted in the provided artifact, but the visible code and documentation are internally consistent.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
src/client.ts:660
Evidence
const child = spawn(this.command, ["app-server", ...this.args], {