Back to plugin

Security audit

Content Guard

Security checks across malware telemetry and agentic risk

Overview

This adapter appears to do what it says—redact outbound messages with a local Content Guard scanner—but it relies on a separate Python package that the registry metadata does not declare.

This looks internally coherent for an outbound content-redaction plugin. Before installing, verify that the separate Python package `content-guard` is the one you intend to trust, because this adapter sends every outbound message to that local scanner process. Also note that the default `failOpen: true` means messages will still be delivered unredacted if the scanner fails; set `failOpen: false` if blocking on scanner failure is important.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
index.mjs:138
Evidence
execFile(command, args, options, (error, stdout, stderr) => {