Back to plugin

Security audit

Abel

Security checks across malware telemetry and agentic risk

Overview

Abel appears to be a legitimate Abel API and strategy-research bundle, but it expects local Python workflows, Abel credentials, cloud API calls, and persistent research files.

Install only if you are comfortable letting the agent run Abel research commands, use an Abel API token, send graph/research queries to Abel services, and store persistent research files in the workspace. Review generated strategy code and session evidence before running or visualizing it online.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
skills/abel-common/python/abel_common/cap/auth.py:90
Evidence
api_key = [REDACTED]("apiKey")

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
skills/abel-invest/abel_invest/narrative_core/dashboard.py:210
Evidence
api_key = [REDACTED](args.api_key, workspace_root=workspace_root)