Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/client-CLrtWgrD.js:76
- Evidence
return spawn(invocation.command, invocation.args, {
Security audit
Security checks across malware telemetry and agentic risk
This is an official OpenClaw Codex integration whose sensitive capabilities match its stated purpose and are disclosed through configuration and commands.
Install this only if you want OpenClaw to run Codex-backed turns and bridge Codex/OpenAI auth. Review advanced settings before enabling broad sandbox modes, remote WebSocket app-server URLs, Computer Use auto-install, native Codex plugins, or diagnostics uploads.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.dangerous_exec
return spawn(invocation.command, invocation.args, {const child = spawn(invocation.command, invocation.args, {const child = spawn(command, args, {