Is your feature request related to a problem?
Plugins installed via matcha install <url> or the marketplace UI are downloaded and executed without any verification of authenticity or integrity. There is no checksum validation, no signature checking, and no sandboxed preview. A compromised plugin source or MITM attack could inject malicious Lua code.
Describe the solution you'd like
At minimum:
- Add SHA-256 checksums to
plugins/registry.json for each plugin
- Verify the checksum after download before installing
- Show the user the plugin source and request confirmation before installation
Ideally:
- Add plugin signing with a trusted key
- Verify signatures before installation
Describe alternatives you've considered
Relying solely on the Lua sandbox (no os, io, debug libs). While this limits damage, plugins still have HTTP access (matcha.http()) which could be used to exfiltrate data visible through the plugin API (email subjects, recipients, etc.).
Additional context
The current plugins/registry.json has no integrity fields — just name, title, description, file, and optional URL.
Is your feature request related to a problem?
Plugins installed via
matcha install <url>or the marketplace UI are downloaded and executed without any verification of authenticity or integrity. There is no checksum validation, no signature checking, and no sandboxed preview. A compromised plugin source or MITM attack could inject malicious Lua code.Describe the solution you'd like
At minimum:
plugins/registry.jsonfor each pluginIdeally:
Describe alternatives you've considered
Relying solely on the Lua sandbox (no
os,io,debuglibs). While this limits damage, plugins still have HTTP access (matcha.http()) which could be used to exfiltrate data visible through the plugin API (email subjects, recipients, etc.).Additional context
The current
plugins/registry.jsonhas no integrity fields — just name, title, description, file, and optional URL.