Is Miranum Copilot safe to use?

Miranum Copilot has a security risk score of 63.05/100 (MEDIUM risk). Our security analysis detected 7515 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of Miranum Copilot?

Based on our automated security analysis, Miranum Copilot presents medium risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "Miranum Copilot" on VS Code Marketplace Safe to Install?

Name: Miranum Copilot
Availability: InStock
Author: Miragon

Miragon · vscode · v0.1.0

A AI-powered copilot for the unique needs and challenges faced in BPM.

Risk Assessment

Analyzed

63.05

out of 100

MEDIUM

7515 security findings detected across all analyzers

VS Code extension analyzed via package manifest and static code analysis

Severity Breakdown

Critical

1564

High

5944

Medium

Low

Info

Finding Categories

1000

Malware Signatures

YARA Rules Matched

15 rules(1000 hits)

NoUseWeakRandom postinstall registry modification postinstall network communication postinstall environment access credential env files postinstall crypto operations postinstall system command postinstall file manipulation postinstall obfuscation DebuggerStatementsShouldNotBeUsed postinstall file download SQLInjection postinstall persistence mechanism NoUseEval UsingCommandLineArguments

About This Extension

A AI-powered copilot for the unique needs and challenges faced in BPM.

Detailed Findings

1000 total

YARA Rule Matches

15 rules

Security Analysis Summary

Security Analysis Overview

Miranum Copilot is a Visual Studio Code Marketplace extension published by Miragon. Version 0.1.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 63.05/100 (MEDIUM risk) based on 7515 security findings.

Risk Assessment

This extension presents high security risk. Significant concerns were identified during analysis. It is not recommended for use in sensitive or production environments without thorough review.

Findings Breakdown

High: 1564 finding(s)
Medium: 5944 finding(s)
Low: 7 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

Miranum Copilot is published by Miragon on the Visual Studio Code Marketplace marketplace. The extension has approximately 86 users.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.