PLPs are external, closed-source contracts that provide liquidity to the 0x Protocol. We want to limit which contracts are called from the context of the Proxy contract, because the Proxy has access to user funds. We must mitigate the attack vector where an ERC20 token (or some other trusted contract) is passed in place of a legitimate PLP liquidity provider. We do this by routing trades through the PLP Sandbox.
The diagram below illustrates this workflow.
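The sandbox routing described above, as an added Solidity sketch that is not the 0x contracts' own code: the contract names, the `sell` provider interface and the function signatures are hypothetical and simplified for illustration. The point it shows is that the untrusted provider address is only ever called by a contract that holds no allowances.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: every name below is hypothetical, not a 0x contract.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

interface IProvider {
    function sell(address inputToken, address outputToken, address recipient, bytes calldata data)
        external returns (uint256 bought);
}

// Holds no allowances and no standing balances. Whatever contract sits at
// `provider` sees msg.sender == this sandbox, never the Proxy.
contract ProviderSandbox {
    address public immutable proxy;

    constructor(address proxy_) { proxy = proxy_; }

    function executeSell(
        IProvider provider, address inputToken, address outputToken,
        address recipient, bytes calldata data
    ) external returns (uint256) {
        require(msg.sender == proxy, "sandbox: caller is not the proxy");
        return provider.sell(inputToken, outputToken, recipient, data);
    }
}

// Stands in for the Proxy: users have approved this address to spend their tokens.
contract Proxy {
    ProviderSandbox public immutable sandbox;

    constructor() { sandbox = new ProviderSandbox(address(this)); }

    function sellToProvider(
        IERC20 inputToken, address outputToken, IProvider provider,
        uint256 sellAmount, bytes calldata data
    ) external returns (uint256) {
        // Fixed selector and from == msg.sender: only the caller's own funds move.
        require(inputToken.transferFrom(msg.sender, address(provider), sellAmount), "pull failed");
        // The provider is never called from here. If `provider` were a token or
        // another contract that trusts the Proxy, a direct call would arrive with
        // msg.sender == Proxy. Via the sandbox it arrives from an address that
        // has nothing approved to it.
        return sandbox.executeSell(provider, address(inputToken), outputToken, msg.sender, data);
    }
}
```

When reviewing a design like this, check that the sandbox address never receives token approvals and never keeps a balance between calls, since either would give the untrusted callee something to act on.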