Back to plugin

Security audit

Cn LLM

Security checks across malware telemetry and agentic risk

Overview

The package and runtime instructions are internally consistent: it requires only AISA_API_KEY and python3 to talk to the AIsa API (api.aisa.one) and the included code matches that stated purpose.

This package appears coherent with its stated purpose, but consider these practical precautions before installing: (1) AISA_API_KEY grants access to your AIsa account and could incur billing — only use a key you trust and consider a scoped/restricted key if available. (2) The included Python client sends any prompt/content to https://api.aisa.one; avoid sending sensitive PII or secrets through the skill. (3) Review the bundled scripts (skills/cn-llm/scripts/cn_llm_client.py) yourself if you have concerns; it is small and readable. (4) Store and rotate the API key securely (avoid committing it to repos), and remove the plugin and revoke the key if you stop using the service. (5) If you need higher assurance, run the client in an isolated environment or sandbox first.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.