File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- dist/index.js:56
- Evidence
const accessToken = [REDACTED](PROVIDER_ID).apiKey;
Security audit
Security checks across malware telemetry and agentic risk
This is a coherent Voxvey provider plugin that uses disclosed OAuth login and Voxvey API calls for models, media generation, and search.
Before installing, be comfortable giving Voxvey OAuth access with refresh-token persistence. Voxvey will receive the prompts, media inputs, model requests, and search queries you route through this provider.
57/57 vendors flagged this plugin as clean.
Detected: suspicious.exposed_secret_literal
const accessToken = [REDACTED](PROVIDER_ID).apiKey;