Safety when installing plugins on domains I don't own
I developed a wordpress plugin entirely on localhost and tested it on a live server (CPanel) that I have full access to. What I'd like to know is what information I would need from a website owner if I were to install the plugin on their website? The assumption is that the website owner wants to give me as little information as possible, and I too don't want to expose myself to any liability beyond what I absolutely need to view to install the plugin for them.
release your plugin under gpl, put your name as author make a small readme ant thats it.
If thei hosting supports WordPress autoupgrade feature I don't see any reason of manually installing plugins. It can be done from admin cp there. If your plugin requires manual installation, then, probably, it is a bad plugin ;)
If you want to generate income from support, I am afraid, you will end up with requiring full access to hosting. And also you should know better than us what access will you need in order to support your plugin.
Assuming the plugin is not released publicly, you will need a user account for their WordPress install and FTP acccess.
A better option might be step-by-step instructions, or releasing the plugin on codex.wordpress.org -- if it's available there, you can install it with only a WordPress administrator account, which they can then delete or disable once it's installed.