Back to plugin

Security audit

Nexus Hub Channel

Security checks across malware telemetry and agentic risk

Overview

The plugin mostly matches its Nexus Hub channel purpose, but it can send Nexus API credentials and room context over unencrypted HTTP, so it needs review before use.

Install this only if you trust the Nexus Hub you will connect to. Prefer localhost or an SSH tunnel until the plugin supports HTTPS/WSS consistently for API calls, avoid placing sensitive API keys on a remote plain-HTTP connection, and consider disabling context injection or adding approval controls for message dispatch in untrusted rooms.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.