Is GitHub Copilot Premium Quota Monitor safe to use?

GitHub Copilot Premium Quota Monitor has a security risk score of 100/100 (CRITICAL risk). Our security analysis detected 93 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of GitHub Copilot Premium Quota Monitor?

Based on our automated security analysis, GitHub Copilot Premium Quota Monitor presents critical risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "GitHub Copilot Premium Quota Monitor" on JetBrains Marketplace Safe to Install?

Name: GitHub Copilot Premium Quota Monitor
Availability: InStock
Rating: 4.4 (0 reviews)
Author: Antonio Petricca

Antonio Petricca · jetbrains · v1.0.4

GitHub Copilot Premium Quota Monitor is a plugin for the IntelliJ platform that helps you monitor the remaining quota of the GitHub Copilot premium model directly from...

Risk Assessment

Analyzed

100

out of 100

CRITICAL

93 security findings detected across all analyzers

JetBrains plugin analyzed via plugin.xml configuration and static code analysis

Severity Breakdown

Critical

High

Medium

Low

Info

Finding Categories

Malware Signatures

IoC Indicators

YARA Rules Matched

2 rules(12 hits)

postinstall persistence mechanism postinstall network communication

Plugin Configuration

JetBrains plugins declare dependencies and extension points in plugin.xml. Plugins can register actions, services, and listeners that run within the IDE process.

JETBRAINS-MANIFEST-APPLICATION-SERVICE-com.github.jetbrains.plugins.github_copilot_premium_quota_monitor.settings.PluginSettings

About This Extension

GitHub Copilot Premium Quota Monitor is a plugin for the IntelliJ platform that helps you monitor the remaining quota of the GitHub Copilot premium model directly from...

Detailed Findings

77 total

YARA Rule Matches

2 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

IP Addresses

Domains

Strings

All Indicators · 16

Domain

detected Domain: api.github.com

XIOC detected Domain: api.github.com

extracted_from_files

URL

detected URL: https://github.com/Fabio-Pelliccia

XIOC detected URL: https://github.com/Fabio-Pelliccia

extracted_from_files

URL

detected URL: https://plugins.jetbrains.com/docs/marketplace/best-practices-for-listing.html#plugin-description

XIOC detected URL: https://plugins.jetbrains.com/docs/marketplace/best-practices-for-listing.html#plugin-description

extracted_from_files

URL

detected URL: https://github.com/antonio-petricca/github-copilot-premium-quota-monitor-for-ij

XIOC detected URL: https://github.com/antonio-petricca/github-copilot-premium-quota-monitor-for-ij

extracted_from_files

URL

detected URL: https://plugins.jetbrains.com/docs/marketplace/best-practices-for-listing.html#plugin-name

XIOC detected URL: https://plugins.jetbrains.com/docs/marketplace/best-practices-for-listing.html#plugin-name

extracted_from_files

URL

detected URL: https://plugins.jetbrains.com/docs/intellij/plugin-configuration-file.html

XIOC detected URL: https://plugins.jetbrains.com/docs/intellij/plugin-configuration-file.html

extracted_from_files

Domain

detected Domain: plugins.jetbrains.com

XIOC detected Domain: plugins.jetbrains.com

extracted_from_files

URL

detected URL: https://api.github.com/copilot_internal/user

XIOC detected URL: https://api.github.com/copilot_internal/user

extracted_from_files

URL

detected URL: https://github.com/mambrosino

XIOC detected URL: https://github.com/mambrosino

extracted_from_files

URL

detected URL: https://github.com/Enzo88

XIOC detected URL: https://github.com/Enzo88

extracted_from_files

URL

detected URL: https://plugins.jetbrains.com/docs/intellij/plugin-extension-points.html

XIOC detected URL: https://plugins.jetbrains.com/docs/intellij/plugin-extension-points.html

extracted_from_files

URL

detected URL: https://github.com/login/device/code

XIOC detected URL: https://github.com/login/device/code

extracted_from_files

URL

detected URL: https://github.com/login/device

XIOC detected URL: https://github.com/login/device

extracted_from_files

URL

detected URL: https://github.com/login/oauth/access_token

XIOC detected URL: https://github.com/login/oauth/access_token

extracted_from_files

URL

detected URL: https://api.github.com/user

XIOC detected URL: https://api.github.com/user

extracted_from_files

Domain

detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Security Analysis Summary

Security Analysis Overview

GitHub Copilot Premium Quota Monitor is a jetbrains extension published by Antonio Petricca. Version 1.0.4 has been analyzed by the Risky Plugins security platform, receiving a risk score of 100/100 (CRITICAL risk) based on 93 security findings.

Risk Assessment

This extension presents critical security risk. Severe issues were detected, potentially including malware indicators, exposed secrets, or dangerous behaviors. Installation is strongly discouraged until these issues are addressed.

Findings Breakdown

High: 13 finding(s)
Medium: 16 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

GitHub Copilot Premium Quota Monitor is published by Antonio Petricca on the jetbrains marketplace. The extension has approximately 407 users.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

maven-templating-for-intellij

Antonio Petricca

MINIMAL 7K users

DeltaShareXP

deltavi

CRITICAL 1K users

aDoctor

Emanuele Iannone

CRITICAL 2K users

Custom MybatisPlus Generator

zhanwang weilai

CRITICAL 2K users

DiamondSpin

Unknown Developer

CRITICAL 3K users

Contrast IDE

Contrast Security

CRITICAL 990 users

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

Plugin Configuration

About This Extension

Detailed Findings

JETBRAINS-MANIFEST-APPLICATION-SERVICE-com.github.jetbrains.plugins.github_copilot_premium_quota_monitor.settings.PluginSettings

HASH-8172af825d1e620b

HASH-6120eb3cf7170573

HASH-3c21c2ecc92f5f56

HASH-a086f1557ceff3e6

HASH-ae25f9699bf78e9c

HASH-07dd17d4288de15d

HASH-db0fd9c3723b6bd2

HASH-528e0b801a58a2ef

HASH-4175fd1afb58fe38

HASH-e43b1e273c861b6b

HASH-0e623fb6fc9048d0

HASH-656b3d35db5641e3

HASH-b2f8bceae22e81b5

HASH-ad8cf91d11ef875d

HASH-336f721e7003da93

HASH-e00d330c932752ee

HASH-453be5db357f7e6c

HASH-db92de5643f25d0b

HASH-62fd4b48862094cc

HASH-fe01c507ea5dc765

HASH-0e8ca16a21e07a7a

HASH-a696837e323117c2

HASH-113506600a60b1b2

HASH-fa9782077ebe4543

HASH-b356d5adb2b35542

HASH-eb7eeb0b50cf9c4f

HASH-36948168437e1256

HASH-c6a7430546c6ab59

HASH-dd92fbd87822f7e4

HASH-fbfa8229705370d8

HASH-621bdb09d0ef38c1

HASH-33d9f1988b0289ed

HASH-b2ff820b6a98d0c8

HASH-201568b5782d06c3

HASH-38af76a2b841a2ce

HASH-b53b916c31b3905d

HASH-2421b1a12338f717

HASH-070515aa3efa7f89

HASH-1f8bc869813c4de8

HASH-851de942f302359a

HASH-9a065ec05e49a970

HASH-2792f17599999ad7

HASH-9f50c31fd02eb014

HASH-d1780e705d2d2d88

HASH-b2fe1bbcef5ca239

HASH-77992f76d60b25f5

HASH-d2e5157aae265934

HASH-4a494d7532059cfe

HASH-4908b8d6911d72a8

HASH-fdb4255604423b2b

HASH-9cb3b81078507153

HASH-d899cb780c9df4f2

HASH-7532ad3d2061eb1f

HASH-4ae522ebd2104925

HASH-8f2e54d08471421d

HASH-35c941887452c06e

HASH-9fd5bcbc227fe176

HASH-3af1bfc2cbd4a3c0

HASH-185c6d0cf9ed57cc

HASH-8cde6e2e15711409

HASH-c0837260b620dd8a

HASH-7ae401c4ad50f501

HASH-ca9875ded3c06e4d

HASH-c51e36d3280129df

YARA Rule Matches

postinstall persistence mechanism

postinstall network communication

Indicators of Compromise

All Indicators · 16

Security Analysis Summary

Security Analysis Overview

Risk Assessment