Sensitive information in third party packages from Uipath Go!


I have a short question. If we use third party packages from Uipath Go! that manipulate tables with sensitive information, do your security checks ensure that the sensitive data cannot be extracted or observed by whoever created the activity?

Best Wishes,
Rikke Mohn

I cannot answer completely as I am not a UiPath employee but I can give my insight as a member who has posted components on UiPath go. In my experience the grading and acceptance of workflows and code is very strict. Down to the naming and structure of the workflows is even taken into account. My guess is that if they are requiring revisions based on variable naming formats, they are most likely doing in depth code reviews to make sure that no malicious code exists. I personally wouldn’t be too worried about Packages from UiPath go marketplace or any of the package locations that come standard in the package manager.


Hello Rikke!

We indeed do have checks and automatic scans that detect this type of behavior. You can also take a look at the FAQs here -
Furthermore, there are major changes coming really soon and you will notice enhancements both on the process side as well as on the documentation that we have around the processes.

Thank you for the question and stay tuned! :slight_smile:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.