Back to plugin

Security audit

KeplerPlugin

Security checks across malware telemetry and agentic risk

Overview

Kepler’s save-and-recall purpose is coherent, but its MCP setup runs an unpinned remote Python script that also handles persistent Kepler OAuth access.

Review before installing. The Kepler functionality itself is consistent with saving and recalling links, but the MCP runner should ideally be pinned to a reviewed version, and you should be comfortable with local OAuth token storage and the assistant accessing your saved Kepler spaces.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.