Back to plugin

Security audit

Canon Guardian

Security checks across malware telemetry and agentic risk

Overview

Canon Guardian mostly matches its stated purpose, but its configurable file-path handling may allow unintended local files outside the workspace to be injected into prompts.

Review this before installing. It appears purpose-aligned and has no hidden network endpoint or credential use in the provided code, but it will automatically inject configured workspace files into prompts. Prefer the default AGENTS.md/SOUL.md configuration, avoid ../ paths or symlinks in canonFiles, and keep injected canon files free of secrets.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.