Back to plugin

Security audit

LingDu

Security checks across malware telemetry and agentic risk

Overview

LingDu appears to be a real memory-sync plugin, but it runs a detached background synchronizer and makes strong encryption/privacy claims that are not fully supported by the visible artifacts.

Install only if you trust the LingDu cloud service and want your assistant memory files synced automatically. Before using it with sensitive memory, verify how to stop the background daemon, keep the config token file private, prefer HTTPS cloud URLs, and review the encryption design rather than relying solely on the documentation claims.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
index.js:240
Evidence
nodeProcess = spawn(process.execPath, [daemonScript, mode], {