Security audit
MLflow Tracing
Security checks across malware telemetry and agentic risk
Overview
This MLflow tracing plugin does what it advertises, but it can export and store sensitive prompts, outputs, tool data, and identity metadata without enough disclosure or redaction controls.
Review before installing. Use this only with a trusted MLflow server and avoid enabling it in environments where prompts, tool outputs, files, credentials, personal data, or proprietary content may appear in agent runs. Prefer disabling it unless you have redaction, access control, and retention policies in place.
VirusTotal
60/60 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
