Back to plugin

Security audit

Agent Audit Gate

Security checks across malware telemetry and agentic risk

Overview

This plugin coherently implements a disclosed outbound-message audit gate and does not show artifact-backed exfiltration or destructive behavior.

Install only if you want this plugin to intercept configured messaging channels, store message/draft content in a local ledger, and route held drafts into a reviewer agent session. Configure SWITCHBOARD_OWN_NUMBERS, SWITCHBOARD_STORE, and the audit session deliberately, and leave debug logging unset unless you are comfortable writing message snippets to disk.

VirusTotal

57/57 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:10
Evidence
function loadOwnNumbers(env = process.env) {

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
src/notify.ts:8
Evidence
const MAIN_SESSION = process.env.SWITCHBOARD_AUDIT_SESSION ?? "agent:main:main";