Is @elastic/apm-rum-core safe to use?

@elastic/apm-rum-core has a security risk score of 100/100 (CRITICAL risk). Our security analysis detected 361 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of @elastic/apm-rum-core?

Based on our automated security analysis, @elastic/apm-rum-core presents critical risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "@elastic/apm-rum-core" on n8n Safe to Install?

Name: @elastic/apm-rum-core
Availability: InStock
Author: GitHub Actions

GitHub Actions · n8n · v5.25.2

Elastic apm core

Risk Assessment

Analyzed

100

out of 100

CRITICAL

361 security findings detected across all analyzers

Severity Breakdown

Critical

High

154

Medium

207

Low

Info

Finding Categories

Network

145

IoC Indicators

YARA Rules Matched

11 rules(204 hits)

postinstall network communication postinstall file manipulation postinstall file download postinstall system command credential env files postinstall obfuscation postinstall persistence mechanism NoUseWeakRandom postinstall environment access postinstall crypto operations LocalStorageShouldNotBeUsed

About This Extension

Elastic apm core

Detailed Findings

216 total

YARA Rule Matches

11 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

IP Addresses

Domains

Strings

145

All Indicators · 145

Domain

detected Domain: transaction.spans.map

XIOC detected Domain: transaction.spans.map

extracted_from_files

Domain

detected Domain: language.name

XIOC detected Domain: language.name

extracted_from_files

Domain

detected Domain: task.data

XIOC detected Domain: task.data

extracted_from_files

Domain

detected Domain: tr.spans.map

XIOC detected Domain: tr.spans.map

extracted_from_files

Domain

detected Domain: transactions.map

XIOC detected Domain: transactions.map

extracted_from_files

Domain

detected Domain: metricsets.map

XIOC detected Domain: metricsets.map

extracted_from_files

Domain

detected Domain: errors.map

XIOC detected Domain: errors.map

extracted_from_files

Domain

detected Domain: service.name

XIOC detected Domain: service.name

extracted_from_files

Domain

detected Domain: contributing.md

XIOC detected Domain: contributing.md

extracted_from_files

Domain

detected Domain: goo.gl

XIOC detected Domain: goo.gl

extracted_from_files

Domain

detected Domain: compressed.cu

XIOC detected Domain: compressed.cu

extracted_from_files

Domain

detected Domain: user.email

XIOC detected Domain: user.email

extracted_from_files

Domain

detected Domain: user.id

XIOC detected Domain: user.id

extracted_from_files

Domain

detected Domain: context.page

XIOC detected Domain: context.page

extracted_from_files

Domain

detected Domain: compressed.sc

XIOC detected Domain: compressed.sc

extracted_from_files

Domain

detected Domain: compressed.mt

XIOC detected Domain: compressed.mt

extracted_from_files

Domain

detected Domain: frames.map

XIOC detected Domain: frames.map

extracted_from_files

Domain

detected Domain: transaction.id

XIOC detected Domain: transaction.id

extracted_from_files

Domain

detected Domain: www.elastic.co

XIOC detected Domain: www.elastic.co

extracted_from_files

Hash

detected SHA1 Hash: f6577c495306f1e93174d69bd79f9fb8a418da75

XIOC detected SHA1 Hash: f6577c495306f1e93174d69bd79f9fb8a418da75

extracted_from_files

Hash

detected SHA1 Hash: 8977966d0061cca33a01a88f5b4893d3304d4840

XIOC detected SHA1 Hash: 8977966d0061cca33a01a88f5b4893d3304d4840

extracted_from_files

Hash

detected SHA1 Hash: 3806160ffbc93c3c4abf210a167b81228172b31c

XIOC detected SHA1 Hash: 3806160ffbc93c3c4abf210a167b81228172b31c

extracted_from_files

Hash

detected SHA1 Hash: b0020d5df18998609b38786878f7a0b92cc680aa

XIOC detected SHA1 Hash: b0020d5df18998609b38786878f7a0b92cc680aa

extracted_from_files

URL

detected URL: https://bugs.webkit.org/show_bug.cgi?id=168057

XIOC detected URL: https://bugs.webkit.org/show_bug.cgi?id=168057

extracted_from_files

URL

detected URL: https://bugs.webkit.org/show_bug.cgi?id=186919

XIOC detected URL: https://bugs.webkit.org/show_bug.cgi?id=186919

extracted_from_files

URL

detected URL: https://github.com/web-platform-tests/wpt/blob/b0020d5df18998609b38786878f7a0b92cc680aa/resource-timing/resource_initiator_types.html#L93

XIOC detected URL: https://github.com/web-platform-tests/wpt/blob/b0020d5df18998609b38786878f7a0b92cc680aa/resource-timing/resource_initiator_types.html#L93

extracted_from_files

URL

detected URL: https://www.w3.org/TR/trace-context/

XIOC detected URL: https://www.w3.org/TR/trace-context/

extracted_from_files

URL

detected URL: https://www.w3.org/TR/trace-context/#tracestate-header

XIOC detected URL: https://www.w3.org/TR/trace-context/#tracestate-header

extracted_from_files

Hash

detected MD5 Hash: 00000000000000000000000000000000

XIOC detected MD5 Hash: 00000000000000000000000000000000

extracted_from_files

Hash

detected SHA1 Hash: c479fd792b56bb4f010df9c4d7725d81b1daf83a

XIOC detected SHA1 Hash: c479fd792b56bb4f010df9c4d7725d81b1daf83a

extracted_from_files

URL

detected URL: https://w3c.github.io/longtasks/#performancelongtasktiming

XIOC detected URL: https://w3c.github.io/longtasks/#performancelongtasktiming

extracted_from_files

URL

detected URL: https://developer.mozilla.org/en-US/docs/Web/API/LayoutShift

XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/API/LayoutShift

extracted_from_files

URL

detected URL: https://web.dev/evolving-cls/

XIOC detected URL: https://web.dev/evolving-cls/

extracted_from_files

URL

detected URL: https://wicg.github.io/largest-contentful-paint/

XIOC detected URL: https://wicg.github.io/largest-contentful-paint/

extracted_from_files

URL

detected URL: https://www.w3.org/TR/paint-timing/

XIOC detected URL: https://www.w3.org/TR/paint-timing/

extracted_from_files

Domain

detected Domain: reason.name

XIOC detected Domain: reason.name

extracted_from_files

URL

detected URL: https://www.w3.org/TR/performance-timeline/#observe-method)

XIOC detected URL: https://www.w3.org/TR/performance-timeline/#observe-method)

extracted_from_files

URL

detected URL: https://github.com/GoogleChrome/web-vitals/blob/3806160ffbc93c3c4abf210a167b81228172b31c/src/onINP.ts#L203

XIOC detected URL: https://github.com/GoogleChrome/web-vitals/blob/3806160ffbc93c3c4abf210a167b81228172b31c/src/onINP.ts#L203

extracted_from_files

URL

detected URL: https://bugs.chromium.org/p/chromium/issues/detail?id=1325826

XIOC detected URL: https://bugs.chromium.org/p/chromium/issues/detail?id=1325826

extracted_from_files

URL

detected URL: https://www.w3.org/TR/event-timing/#sec-computing-interactionid

XIOC detected URL: https://www.w3.org/TR/event-timing/#sec-computing-interactionid

extracted_from_files

URL

detected URL: https://www.w3.org/TR/event-timing/#user-interaction-value

XIOC detected URL: https://www.w3.org/TR/event-timing/#user-interaction-value

extracted_from_files

URL

detected URL: https://w3c.github.io/longtasks/

XIOC detected URL: https://w3c.github.io/longtasks/

extracted_from_files

URL

detected URL: https://w3c.github.io/longtasks/#sec-PerformanceLongTaskTiming

XIOC detected URL: https://w3c.github.io/longtasks/#sec-PerformanceLongTaskTiming

extracted_from_files

URL

detected URL: https://w3c.github.io/longtasks/#sec-TaskAttributionTiming

XIOC detected URL: https://w3c.github.io/longtasks/#sec-TaskAttributionTiming

extracted_from_files

URL

detected URL: https://github.com/elastic/apm/blob/main/specs/agents/tracing-distributed-tracing.md#tracestate

XIOC detected URL: https://github.com/elastic/apm/blob/main/specs/agents/tracing-distributed-tracing.md#tracestate

extracted_from_files

URL

detected URL: https://www.w3.org/TR/server-timing/

XIOC detected URL: https://www.w3.org/TR/server-timing/

extracted_from_files

URL

detected URL: http://jsperf.com/isobject4

XIOC detected URL: http://jsperf.com/isobject4

extracted_from_files

URL

detected URL: http://www.2ality.com/2014/05/current-script.html

XIOC detected URL: http://www.2ality.com/2014/05/current-script.html

extracted_from_files

URL

detected URL: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/find

XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/find

extracted_from_files

URL

detected URL: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#exceptions

XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#exceptions

extracted_from_files

URL

detected URL: https://developer.mozilla.org/en-US/docs/Tools/Debugger-API/Debugger.Object#Accessor_Properties_of_the_Debugger.Object_prototype)

XIOC detected URL: https://developer.mozilla.org/en-US/docs/Tools/Debugger-API/Debugger.Object#Accessor_Properties_of_the_Debugger.Object_prototype)

extracted_from_files

URL

detected URL: https://wicg.github.io/compression/

XIOC detected URL: https://wicg.github.io/compression/

extracted_from_files

URL

detected URL: https://developers.google.com/web/updates/2018/07/page-lifecycle-api

XIOC detected URL: https://developers.google.com/web/updates/2018/07/page-lifecycle-api

extracted_from_files

URL

detected URL: http://the-url-of-the-web-page.tld/path-example'

XIOC detected URL: http://the-url-of-the-web-page.tld/path-example'

extracted_from_files

URL

detected URL: https://github.com/unshiftio/url-parse/blob/master/index.js

XIOC detected URL: https://github.com/unshiftio/url-parse/blob/master/index.js

extracted_from_files

URL

detected URL: http://a@[email protected]/d

XIOC detected URL: http://a@[email protected]/d

extracted_from_files

URL

detected URL: https://github.com/uuidjs/uuid/blob/8977966d0061cca33a01a88f5b4893d3304d4840/src/bytesToUuid.js

XIOC detected URL: https://github.com/uuidjs/uuid/blob/8977966d0061cca33a01a88f5b4893d3304d4840/src/bytesToUuid.js

extracted_from_files

URL

detected URL: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues

XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues

extracted_from_files

URL

detected URL: https://www.elastic.co/guide/en/apm/agent/rum-js/current/index.html).

XIOC detected URL: https://www.elastic.co/guide/en/apm/agent/rum-js/current/index.html).

extracted_from_files

URL

detected URL: https://goo.gl/forms/nLCXGCvziqalzjlP2).

XIOC detected URL: https://goo.gl/forms/nLCXGCvziqalzjlP2).

extracted_from_files

URL

detected URL: https://github.com/elastic/apm-agent-rum-js.git

XIOC detected URL: https://github.com/elastic/apm-agent-rum-js.git

extracted_from_files

URL

detected URL: https://github.com/preactjs/preact/blob/f6577c495306f1e93174d69bd79f9fb8a418da75/hooks/src/index.js#L285-L297

XIOC detected URL: https://github.com/preactjs/preact/blob/f6577c495306f1e93174d69bd79f9fb8a418da75/hooks/src/index.js#L285-L297

extracted_from_files

URL

detected URL: https://fetch.spec.whatwg.org/#concept-network-error

XIOC detected URL: https://fetch.spec.whatwg.org/#concept-network-error

extracted_from_files

URL

detected URL: https://bugs.chromium.org/p/chromium/issues/detail?id=835821

XIOC detected URL: https://bugs.chromium.org/p/chromium/issues/detail?id=835821

extracted_from_files

URL

detected URL: https://github.com/elastic/apm-server/blob/master/model/modeldecoder/field/rum_v3_mapping.go

XIOC detected URL: https://github.com/elastic/apm-server/blob/master/model/modeldecoder/field/rum_v3_mapping.go

extracted_from_files

Domain

detected Domain: www.w3.org

XIOC detected Domain: www.w3.org

extracted_from_files

Domain

detected Domain: jsperf.com

XIOC detected Domain: jsperf.com

extracted_from_files

Domain

detected Domain: www.2ality.com

XIOC detected Domain: www.2ality.com

extracted_from_files

Domain

detected Domain: tracing-distributed-tracing.md

XIOC detected Domain: tracing-distributed-tracing.md

extracted_from_files

Domain

detected Domain: w3c.github.io

XIOC detected Domain: w3c.github.io

extracted_from_files

Domain

detected Domain: web.dev

XIOC detected Domain: web.dev

extracted_from_files

Domain

detected Domain: bugs.webkit.org

XIOC detected Domain: bugs.webkit.org

extracted_from_files

Domain

detected Domain: resourcetimingentry.name

XIOC detected Domain: resourcetimingentry.name

extracted_from_files

Domain

detected Domain: fetch.spec.whatwg.org

XIOC detected Domain: fetch.spec.whatwg.org

extracted_from_files

Domain

detected Domain: bugs.chromium.org

XIOC detected Domain: bugs.chromium.org

extracted_from_files

Domain

detected Domain: wicg.github.io

XIOC detected Domain: wicg.github.io

extracted_from_files

Domain

detected Domain: developers.google.com

XIOC detected Domain: developers.google.com

extracted_from_files

Domain

detected Domain: c.com

XIOC detected Domain: c.com

extracted_from_files

Domain

detected Domain: developer.mozilla.org

XIOC detected Domain: developer.mozilla.org

extracted_from_files

Domain

detected Domain: exports.page

XIOC detected Domain: exports.page

extracted_from_files

Domain

detected Domain: exports.name

XIOC detected Domain: exports.name

extracted_from_files

Domain

detected Domain: exports.click

XIOC detected Domain: exports.click

extracted_from_files

Domain

detected Domain: constants.page

XIOC detected Domain: constants.page

extracted_from_files

Domain

detected Domain: constants.click

XIOC detected Domain: constants.click

extracted_from_files

Domain

detected Domain: exports.now

XIOC detected Domain: exports.now

extracted_from_files

Domain

detected Domain: constants.name

XIOC detected Domain: constants.name

extracted_from_files

Domain

detected Domain: this.id

XIOC detected Domain: this.id

extracted_from_files

Domain

detected Domain: options.id

XIOC detected Domain: options.id

extracted_from_files

Domain

detected Domain: spanbase.call

XIOC detected Domain: spanbase.call

extracted_from_files

Domain

detected Domain: spanbase.prototype.end.call

XIOC detected Domain: spanbase.prototype.end.call

extracted_from_files

Domain

detected Domain: date.now

XIOC detected Domain: date.now

extracted_from_files

Domain

detected Domain: tr.session.id

XIOC detected Domain: tr.session.id

extracted_from_files

Domain

detected Domain: utils.now

XIOC detected Domain: utils.now

extracted_from_files

Domain

detected Domain: entry.name

XIOC detected Domain: entry.name

extracted_from_files

Domain

detected Domain: span.name

XIOC detected Domain: span.name

extracted_from_files

Domain

detected Domain: lastspan.name

XIOC detected Domain: lastspan.name

extracted_from_files

Domain

detected Domain: span.id

XIOC detected Domain: span.id

extracted_from_files

Domain

detected Domain: tr.id

XIOC detected Domain: tr.id

extracted_from_files

Domain

detected Domain: tr.name

XIOC detected Domain: tr.name

extracted_from_files

Domain

detected Domain: this.name

XIOC detected Domain: this.name

extracted_from_files

Domain

detected Domain: ottracer.call

XIOC detected Domain: ottracer.call

extracted_from_files

Domain

detected Domain: options.childof.id

XIOC detected Domain: options.childof.id

extracted_from_files

Domain

detected Domain: leastslow.id

XIOC detected Domain: leastslow.id

extracted_from_files

Domain

detected Domain: interaction.id

XIOC detected Domain: interaction.id

extracted_from_files

Domain

detected Domain: i.name

XIOC detected Domain: i.name

extracted_from_files

Domain

detected Domain: customcontext.name

XIOC detected Domain: customcontext.name

extracted_from_files

Domain

detected Domain: customcontext.id

XIOC detected Domain: customcontext.id

extracted_from_files

Domain

detected Domain: predicate.call

XIOC detected Domain: predicate.call

extracted_from_files

Domain

detected Domain: currenttransaction.id

XIOC detected Domain: currenttransaction.id

extracted_from_files

Domain

detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Domain

detected Domain: stackframes.map

XIOC detected Domain: stackframes.map

extracted_from_files

Domain

detected Domain: normalizedstacktraces.map

XIOC detected Domain: normalizedstacktraces.map

extracted_from_files

Domain

detected Domain: otspan.call

XIOC detected Domain: otspan.call

extracted_from_files

Domain

detected Domain: this.span.name

XIOC detected Domain: this.span.name

extracted_from_files

Domain

detected Domain: reader.read

XIOC detected Domain: reader.read

extracted_from_files

Domain

detected Domain: error.name

XIOC detected Domain: error.name

extracted_from_files

Domain

detected Domain: task.data.target

XIOC detected Domain: task.data.target

extracted_from_files

Domain

detected Domain: name.map

XIOC detected Domain: name.map

extracted_from_files

Domain

detected Domain: this.host

XIOC detected Domain: this.host

extracted_from_files

Domain

detected Domain: perf.now

XIOC detected Domain: perf.now

extracted_from_files

Domain

detected Domain: slice.call

XIOC detected Domain: slice.call

extracted_from_files

Domain

detected Domain: usercontext.email

XIOC detected Domain: usercontext.email

extracted_from_files

Domain

detected Domain: context.id

XIOC detected Domain: context.id

extracted_from_files

Domain

detected Domain: context.email

XIOC detected Domain: context.email

extracted_from_files

Domain

detected Domain: data.target

XIOC detected Domain: data.target

extracted_from_files

Domain

detected Domain: transaction.context.page

XIOC detected Domain: transaction.context.page

extracted_from_files

Domain

detected Domain: xhr.open

XIOC detected Domain: xhr.open

extracted_from_files

Domain

detected Domain: event.target

XIOC detected Domain: event.target

extracted_from_files

Domain

detected Domain: error.id

XIOC detected Domain: error.id

extracted_from_files

Domain

detected Domain: compressed.pid

XIOC detected Domain: compressed.pid

extracted_from_files

Domain

detected Domain: breakdowns.map

XIOC detected Domain: breakdowns.map

extracted_from_files

Domain

detected Domain: time.sum.us

XIOC detected Domain: time.sum.us

extracted_from_files

Domain

detected Domain: hasownproperty.call

XIOC detected Domain: hasownproperty.call

extracted_from_files

Domain

detected Domain: this.events

XIOC detected Domain: this.events

extracted_from_files

Domain

detected Domain: usercontext.id

XIOC detected Domain: usercontext.id

extracted_from_files

Domain

detected Domain: spandata.pid

XIOC detected Domain: spandata.pid

extracted_from_files

Domain

detected Domain: spandata.sy

XIOC detected Domain: spandata.sy

extracted_from_files

Domain

detected Domain: spandata.su

XIOC detected Domain: spandata.su

extracted_from_files

Domain

detected Domain: spandata.ac

XIOC detected Domain: spandata.ac

extracted_from_files

Domain

detected Domain: transaction.name

XIOC detected Domain: transaction.name

extracted_from_files

Domain

detected Domain: session.id

XIOC detected Domain: session.id

extracted_from_files

Domain

detected Domain: tr.ses

XIOC detected Domain: tr.ses

extracted_from_files

Domain

detected Domain: compressedntmarks.rs

XIOC detected Domain: compressedntmarks.rs

extracted_from_files

Domain

detected Domain: agent.name

XIOC detected Domain: agent.name

extracted_from_files

URL

detected URL: https://w3c.github.io/performance-timeline/#observe-method)

XIOC detected URL: https://w3c.github.io/performance-timeline/#observe-method)

extracted_from_files

Security Analysis Summary

Security Analysis Overview

@elastic/apm-rum-core is a n8n extension published by GitHub Actions. Version 5.25.2 has been analyzed by the Risky Plugins security platform, receiving a risk score of 100/100 (CRITICAL risk) based on 361 security findings.

Risk Assessment

This extension presents critical security risk. Severe issues were detected, potentially including malware indicators, exposed secrets, or dangerous behaviors. Installation is strongly discouraged until these issues are addressed.

Findings Breakdown

Medium: 154 finding(s)
Low: 207 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

@elastic/apm-rum-core is published by GitHub Actions on the n8n marketplace.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

snow-flow

GitHub Actions

CRITICAL

@frontmcp/uipack

GitHub Actions

CRITICAL

@stainless-api/gitlab-internal

GitHub Actions

CRITICAL

@inkeep/agents-manage-ui

GitHub Actions

CRITICAL

documcp

GitHub Actions

CRITICAL

proofscan

GitHub Actions

CRITICAL

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

About This Extension

Detailed Findings

NET-FETCH-package/src/common/http/fetch.js-68

NET-FETCH-package/dist/lib/common/http/fetch.js-40

NET-XMLHTTPREQUEST-package/src/common/utils.js-33

NET-XMLHTTPREQUEST-package/dist/es/common/utils.js-6

NET-XMLHTTPREQUEST-package/dist/lib/common/utils.js-50

NET-XMLHTTPREQUEST-package/dist/es/common/http/xhr.js-12

NET-XMLHTTPREQUEST-package/src/common/http/xhr.js-42

NET-XMLHTTPREQUEST-package/dist/lib/common/http/xhr.js-16

NET-FETCH-package/dist/es/common/http/fetch.js-33

DEP-error-stack-parser-^1.3.5

DEP-opentracing-^0.14.3

DEP-promise-polyfill-^8.1.3

YARA Rule Matches

postinstall network communication

postinstall file manipulation

postinstall file download

postinstall system command

credential env files

postinstall obfuscation

postinstall persistence mechanism

NoUseWeakRandom

postinstall environment access

postinstall crypto operations

LocalStorageShouldNotBeUsed

Indicators of Compromise

All Indicators · 145

Security Analysis Summary

Security Analysis Overview

Risk Assessment

Findings Breakdown

What Was Analyzed

Developer Information

Recommendation

Frequently Asked Questions

Similar Extensions

snow-flow

@frontmcp/uipack

@stainless-api/gitlab-internal

@inkeep/agents-manage-ui

documcp

proofscan