Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- index.ts:25
- Evidence
execFile(bin, args, { shell: false, env: sanitizedEnv }, (error, stdout, stderr) => {
Security audit
Security checks across malware telemetry and agentic risk
This appears to be the OMNI shell-output filtering wrapper it claims to be, but it effectively gives the agent a shell-like command tool and has a few packaging/documentation inconsistencies.
Install this only if you intentionally want your agent to have an OMNI-mediated, shell-like command execution tool. The provided plugin code does not show hidden network endpoints or credential requests, but its local-only/privacy claims depend on the separate `omni` CLI you install, so verify that binary from its official source. Also note the small inconsistencies: the registry did not list the required `omni` binary, the package versions do not all match, and the advertised custom `omniPath` setting appears to be ignored by the code.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
execFile(bin, args, { shell: false, env: sanitizedEnv }, (error, stdout, stderr) => {