zhin-plugin-lifecycle
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No security issues detected. Analysis of the framework-specific code snippets reveals standard plugin architecture patterns.
- [False Positive Note] (SAFE): The automated alert regarding 'plugin.logger.info' is a false positive; it is a method call for logging within the Zhin framework, not a malicious URL.
- [Dynamic Execution] (LOW): The skill mentions 'plugin.import()' and hot-reloading, which involve dynamic code loading. This is an intended feature of the Zhin framework for plugin management and development workflows.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata