Back to plugin

Security audit

MLflow Tracing

Security checks across malware telemetry and agentic risk

Overview

This MLflow tracing plugin does what it advertises, but it can export and store sensitive prompts, outputs, tool data, and identity metadata without enough disclosure or redaction controls.

Review before installing. Use this only with a trusted MLflow server and avoid enabling it in environments where prompts, tool outputs, files, credentials, personal data, or proprietary content may appear in agent runs. Prefer disabling it unless you have redaction, access control, and retention policies in place.

VirusTotal

60/60 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.