Security audit
BytePlus Cloud Sandbox
Security checks across malware telemetry and agentic risk
Overview
The plugin's code, instructions, and requested credentials are consistent with a BytePlus VeFaaS cloud sandbox backend — nothing in the bundle indicates hidden or unrelated behavior.
This plugin appears to do what it claims: it sends your shell commands to a BytePlus VeFaaS sandbox via an API Gateway and (optionally) uses BytePlus credentials to auto-create/kill sandboxes. Before installing: 1) Only provide an API Gateway endpoint you control or trust (the endpoint will receive every command and file operation you run). 2) Only export BYTEPLUS_ACCESS_KEY_ID / BYTEPLUS_SECRET_ACCESS_KEY if you want the auto-create/kill feature — those credentials permit creating and destroying sandboxes in your BytePlus account. 3) Review the registry file (~/.openclaw/byteplus-sandbox-registry.json) and rotate or remove credentials after use if desired. 4) Note the small metadata inconsistency: the registry summary omitted the provider env vars even though the plugin uses them for auto-create; treat the env vars as optional and only set them when needed. If you need higher assurance, verify the plugin source repository and its maintainer before granting credentials.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
