Security audit
GotoPlan
Security checks across malware telemetry and agentic risk
Overview
GotoPlan appears to be a disclosed plan-management plugin, but users should notice that it runs plugin code, uses API credentials, can write to task systems, and supports autonomous multi-agent workflows.
This skill looks coherent for plan and task management. Install it only if you trust the publisher and repository, use limited-scope API keys, confirm all write/sync actions, and monitor any cloned AI agents so they do not remain active longer than intended.
VirusTotal
67/67 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
