Mule-SonarQube-plugin - security concerns

Hi Team,
Good day!

We are using SonarQube 9.9 LTA version, we would like to add Mule-SonarQube-plugin (GitHub - mulesoft-catalyst/mule-sonarqube-plugin: The Mule SonarQube Plugin provides the capability to do code inspecting and taking project metrics from a mule project using SonarQube.) to scan MuleSoft code as per mule ruleset.
We would like to know how this plugin works in point of security concerns, and can we use this plugin as this is not available in SonarQube marketplace?
and will this plugin prone to any data leakage

Kindly provide your inputs/feedback about this plugin

Hey there.

We (Sonar) have no reason to believe it represents a specific security risk. And, we suggest reading this blog post: