File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- dist/src/liner-web-search-provider.runtime.js:134
- Evidence
const apiKey = [REDACTED](linerConfig);
Security audit
Security checks across malware telemetry and agentic risk
This plugin is a straightforward Liner web search provider that uses a user-supplied API key to send search queries to Liner and return results.
Install this only if you are comfortable sending your web search queries to Liner and storing or providing a Liner API key. Keep the default Liner endpoint unless you intentionally trust a custom base URL, because a custom endpoint would receive the configured API key.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.exposed_secret_literal
const apiKey = [REDACTED](linerConfig);