File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- dist/venice-search-runtime.js:52
- Evidence
const apiKey = [REDACTED](searchConfig);
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a normal Venice AI web search provider that only needs a Venice API key and sends search queries to Venice's search endpoint.
This plugin looks internally consistent for a Venice AI web search integration. Before installing, be aware that searches and the Venice API key are sent to Venice by default, and if you configure a custom baseUrl, they will be sent to that custom endpoint instead. Only use the baseUrl override with a proxy or endpoint you trust.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.exposed_secret_literal
const apiKey = [REDACTED](searchConfig);
const apiKey = [REDACTED](searchConfig);