Security audit
Pipeline Architect
Security checks across malware telemetry and agentic risk
Overview
This plugin is a disclosed workflow-orchestration tool whose main risk is that allowed agents can mutate or cancel durable TaskFlow pipelines.
Install only for agents that genuinely need durable pipeline control. Treat taskflow_cancel as disruptive, keep the tools out of broad default allowlists, and avoid storing sensitive secrets in stateJson or waitJson because flow state is designed to persist.
VirusTotal
61/61 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
