Back to plugin

Security audit

QMD Recall

Security checks across malware telemetry and agentic risk

Overview

The plugin's code, hooks, and configuration are coherent with its stated purpose (querying a QMD HTTP endpoint and injecting relevant snippets into the prompt); nothing in the bundle requests unrelated credentials or performs unexpected system actions, but you should review the configured qmdUrl and plugin settings because the plugin will send user text to that endpoint and may inject private snippets into prompts.

This plugin appears to do exactly what it says: query a configured QMD HTTP endpoint and prepend relevant memory snippets to prompts. Before enabling it: (1) ensure qmdUrl points to a trusted, internal QMD service (avoid pointing it at unknown external URLs), (2) keep logSnippets false unless you understand the logging implications, (3) restrict agents and allowedChatTypes in the plugin config if you only want it to run in limited contexts, and (4) review minScore/maxResults/maxInjectedChars to limit how much private content can be injected. The bundled doctor script uses QMD_RECALL_URL for testing — that's optional. If you want stronger assurance, inspect runtime network policies to ensure the plugin can only reach the intended QMD host.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.