Back to plugin

Security audit

Manifest Provider

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Manifest LLM routing provider, though its metadata under-declares the Manifest API key and endpoint settings that the code can use.

Before installing, understand that using manifest/auto means your model requests will be routed through Manifest’s cloud service unless you deliberately configure another endpoint. The API key it asks for is relevant to the service, but the package metadata should ideally declare MANIFEST_API_KEY and the optional MANIFEST_ENDPOINT setting more clearly.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dynamic_code_execution, suspicious.env_credential_access, suspicious.exposed_secret_literal

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
__tests__/build.test.ts:23
Evidence
it("does not contain eval( calls", () => {

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:2
Evidence
"use strict";var ENV={API_KEY:"MANIFEST_API_KEY",ENDPOINT:"MANIFEST_ENDPOINT"},API_KEY_PREFIX="mnfst_",DEFAULTS={ENDPOINT:"https://app.manifest.build",SERVICE_N...

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
__tests__/config.test.ts:150
Evidence
const result = parseConfig({ apiKey: "[REDACTED]" });

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dist/index.js:2
Evidence
"use strict";var ENV={API_KEY:"[REDACTED]",ENDPOINT:"MANIFEST_ENDPOINT"},API_KEY_PREFIX="mnfst_",DEFAULTS={ENDPOINT:"https://app.manifest.build",SERVICE_NAME:"o...

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
dist/index.js.map:4
Evidence
"sourcesContent": ["// Environment variable names (fallback when plugin config is missing)\nexport const ENV = {\n  API_KEY: '[REDACTED]',\n  ENDPOINT: 'MANIFES...

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
src/constants.ts:3
Evidence
API_KEY: '[REDACTED]',