Dynamic code execution detected.
- Code
- suspicious.dynamic_code_execution
- Location
- __tests__/build.test.ts:23
- Evidence
it("does not contain eval( calls", () => {
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a real Manifest cloud LLM router plugin, and its requested capabilities match that purpose.
Before installing, understand that using this plugin means your LLM requests may be routed through Manifest's cloud service at app.manifest.build. The API key requirement fits the purpose, and no unrelated credentials are requested. The main caveat is transparency: the metadata says there are no declared env vars even though the docs mention MANIFEST_API_KEY, and the provided source listing was partially truncated, so reviewing the full runtime bundle would increase confidence.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dynamic_code_execution, suspicious.env_credential_access, suspicious.exposed_secret_literal
it("does not contain eval( calls", () => {"use strict";var ENV={API_KEY:"MANIFEST_API_KEY",ENDPOINT:"MANIFEST_ENDPOINT"},API_KEY_PREFIX="mnfst_",DEFAULTS={ENDPOINT:"https://app.manifest.build",SERVICE_N...const result = parseConfig({ apiKey: "[REDACTED]" });"use strict";var ENV={API_KEY:"[REDACTED]",ENDPOINT:"MANIFEST_ENDPOINT"},API_KEY_PREFIX="mnfst_",DEFAULTS={ENDPOINT:"https://app.manifest.build",SERVICE_NAME:"o..."sourcesContent": ["// Environment variable names (fallback when plugin config is missing)\nexport const ENV = {\n API_KEY: '[REDACTED]',\n ENDPOINT: 'MANIFES...API_KEY: '[REDACTED]',