Back to plugin

Security audit

ScrapeBadger

Security checks across malware telemetry and agentic risk

Overview

ScrapeBadger appears to be a coherent scraping API plugin, but it will send your ScrapeBadger API key and requested URLs/searches to the ScrapeBadger service.

Before installing, make sure you trust ScrapeBadger with the URLs and searches you ask it to process, set only the intended SCRAPEBADGER_API_KEY, and verify that SCRAPEBADGER_API_URL is not pointed at an unexpected service. No artifact-backed malicious behavior was found in the provided visible source.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
src/api.ts:5
Evidence
const BASE_URL = process.env.SCRAPEBADGER_API_URL || "https://scrapebadger.com";