Back to plugin

Security audit

Relay Workspace

Security checks across malware telemetry and agentic risk

Overview

The plugin’s remote workspace file access is mostly disclosed and purpose-aligned, but its delete and path-boundary protections are weaker than the documentation claims.

Install only if you trust the Relay/Gateway environment and have backups of the workspace. Before using destructive operations, prefer a version that explicitly blocks deleting the workspace root and correctly handles symlinks or other paths that could escape the workspace.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.