Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:10
- Evidence
const mounts = execSync("mount", { encoding: "utf-8", timeout: 3000 });
Security audit
Security checks across malware telemetry and agentic risk
Plur1bus matches its cloud memory purpose, but it automatically runs a remote installer, creates long-lived DeepLake credentials, and stores shared conversation memory in the cloud by default.
Install only if you are comfortable with a plugin that can run a DeepLake installer, create local/cloud credentials, mount a filesystem, and automatically preserve conversations in shared cloud memory. Consider manually installing DeepLake first, reviewing the package after the leaked token is removed, and disabling auto-capture for sensitive chats.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
const mounts = execSync("mount", { encoding: "utf-8", timeout: 3000 });const output = execSync(`grep -rni ${this.shellEscape(query)} ${this.shellEscape(this.mountPath)}/MEMORY.md ${this.shellEscape(this.mountPath)}/memory/ 2>/dev/n...const mounts = execSync("mount", { encoding: "utf-8", timeout: 3000 }) as string;const output = execSync(