Back to plugin

Security audit

SecOpsAI

Security checks across malware telemetry and agentic risk

Overview

The visible plugin matches its stated SecOpsAI triage purpose and does not request unrelated credentials, but it relies on a trusted local SecOpsAI installation that is not declared as a formal requirement.

Before installing, make sure you trust the local SecOpsAI installation at the configured path, because this plugin will execute its secopsai binary. Be cautious about enabling the write-capable tools, especially triage orchestration and apply-action, because they can change local triage state. Confidence is medium because the provided dist/index.js artifact was truncated, so this assessment is based on the visible code and metadata.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/src/utils/secopsai-runner.js:20
Evidence
const result = execFileSync(secopsExecutable(secopsPath), [...args, "--json"], {