Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:110
- Evidence
const match = /^ref: refs\/heads\/(.+)$/.exec(head);
Security audit
Security checks across malware telemetry and agentic risk
This plugin does what it says: it adds CloudSigma routing metadata and bounded route-status lookup without evidence of hidden collection, exfiltration, destructive behavior, or privilege escalation.
Install this only if you intend CloudSigma requests to include stable session identifiers, routing correlation headers, and limited repository context such as repo name, branch hint, and dirty-state hint. Review whether that metadata is acceptable for your workspace before enabling it for CloudSigma providers.
57/57 vendors flagged this plugin as clean.
Detected: suspicious.dangerous_exec
const match = /^ref: refs\/heads\/(.+)$/.exec(head);