mage-remote-run-plugin
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for registering and unregistering plugins using the mage-remote-run plugin register command, which is a core administrative feature.
- [REMOTE_CODE_EXECUTION]: The plugin architecture allows for the execution of custom JavaScript code as ESM modules within the CLI environment. The skill provides clear guidelines and safety rules for implementing these extensions.
- [DATA_EXFILTRATION]: While plugins can interact with external APIs via the createClient factory, this functionality is restricted to authorized Magento and Adobe Commerce endpoints as intended by the tool's design.
- [SAFE]: All referenced domains, such as mage-remote-run.muench.dev, and naming patterns for packages and commands are consistent with the vendor's verified identity.
Audit Metadata