Back to plugin

Security audit

Talk2Stock

Security checks across malware telemetry and agentic risk

Overview

The plugin’s core purpose is legitimate, but it registers more tools than its manifest discloses, including a stock-deducting ship-by-name action.

Review this before installing because it can change real business data in Talk2Stock. The main concern is disclosure: the runtime registers several tools that are not listed in the plugin manifest, including a ship-by-name tool that can mark an order shipped and deduct stock. Only install it if you trust the publisher, intend to grant order and inventory mutation authority, and are comfortable configuring a Talk2Stock API key for these actions.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.