Security audit
Nexus Hub Channel
Security checks across malware telemetry and agentic risk
Overview
The plugin mostly matches its Nexus Hub channel purpose, but it can send Nexus API credentials and room context over unencrypted HTTP, so it needs review before use.
Install this only if you trust the Nexus Hub you will connect to. Prefer localhost or an SSH tunnel until the plugin supports HTTPS/WSS consistently for API calls, avoid placing sensitive API keys on a remote plain-HTTP connection, and consider disabling context injection or adding approval controls for message dispatch in untrusted rooms.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
