Back to plugin

Security audit

Genor's Orchestrator

Security checks across malware telemetry and agentic risk

Overview

The plugin appears purpose-built for orchestration, but it also installs persistent local automation and records activity in ways users should review before enabling.

Review this before installing in sensitive environments. Expect local activity logs, live agent state files, project indexing, a localhost dashboard if set up, recurring maintenance, and possible crontab/PM2 persistence. Install only if you are comfortable with those background behaviors, can inspect the companion skill/script, and know how to remove the cron job, PM2 service, and orchestrator-data files if needed.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/index.js:294
Evidence
const result = execSync(`find "${location}" -not -path "*/node_modules/*" -not -path "*/.git/*" -not -path "*/dist/*" -maxdepth 4 -type f \\( -name "*.ts" -o -n...

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/src/index.js:214
Evidence
const result = execSync(`find "${location}" -maxdepth 3 -type f \\( -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" -o -name "*.py" -o -name "*.m...