Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/index.js:9
- Evidence
const mounts = execSync("mount", { encoding: "utf-8", timeout: 3000 });
Security audit
Security checks across malware telemetry and agentic risk
Pluri1bus is a real cloud memory plugin, but it automatically runs remote setup commands and saves/reuses conversation content in shared cloud memory by default.
Only install this if you are comfortable with a DeepLake CLI/account being set up and your prompts being stored in shared cloud-backed memory. Consider disabling autoCapture and autoRecall until you understand the mount location, account, retention behavior, and who or what else can access the same memory.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
const mounts = execSync("mount", { encoding: "utf-8", timeout: 3000 });const output = execSync(`grep -rni ${this.shellEscape(query)} ${this.shellEscape(this.mountPath)}/MEMORY.md ${this.shellEscape(this.mountPath)}/memory/ 2>/dev/n...const mounts = execSync("mount", { encoding: "utf-8", timeout: 3000 }) as string;const output = execSync(