feat(llm-security): /security ide-scan <url> — Marketplace/OpenVSX/direct VSIX (v6.4.0)

Pre-installation verification of VS Code extensions via URL — fetch a remote VSIX, extract it in a hardened sandbox, and run the existing IDE scanner pipeline against it. No npm dependencies. Sources: - VS Code Marketplace (publisher.gallery.vsassets.io direct download) - OpenVSX (open-vsx.org official API) - Direct .vsix HTTPS URLs Defenses: - HTTPS-only, TLS verified, manual redirect with per-source host whitelist - 30s total timeout via AbortController - 50MB compressed cap, 500MB uncompressed, 100x expansion ratio - Zero-dep ZIP extractor: zip-slip, absolute paths, drive letters, NUL bytes, symlinks (Unix mode 0xA000), depth limits, ZIP64 rejected, encrypted rejected - SHA-256 streamed during fetch, surfaced in meta.source - Temp dir cleanup in all paths (try/finally) Files: - scanners/lib/vsix-fetch.mjs (HTTPS fetcher, host whitelist, streaming SHA-256) - scanners/lib/zip-extract.mjs (zero-dep parser with hardening caps) - knowledge/marketplace-api-notes.md (endpoint reference) - 3 test files (48 tests added: vsix-fetch, zip-extract, ide-extension-url) Tests: 1296 → 1344 (all green). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-17 17:16:26 +02:00 · 2026-04-17 17:16:26 +02:00 · fe0193956d
commit fe0193956d
parent 6252e55700
16 changed files with 1543 additions and 22 deletions
--- a/plugins/llm-security/bin/llm-security.mjs
+++ b/plugins/llm-security/bin/llm-security.mjs
@ -26,9 +26,12 @@ Commands:
      Quick security posture assessment (16 categories)
  audit-bom <target> [--output-file <path>]
      Generate AI Bill of Materials (CycloneDX 1.6)
-  ide-scan [target] [--vscode-only] [--intellij-only] [--include-builtin]
+  ide-scan [target|url] [--vscode-only] [--intellij-only] [--include-builtin]
           [--online] [--format compact|json] [--fail-on <severity>]
-      Scan installed VS Code / JetBrains extensions (offline by default)
+      Scan installed VS Code / JetBrains extensions, OR fetch a remote VSIX:
+        - https://marketplace.visualstudio.com/items?itemName=publisher.name
+        - https://open-vsx.org/extension/publisher/name[/version]
+        - https://example.com/foo.vsix (direct .vsix download)
  benchmark [--adaptive] [--category <name>]
      Run attack simulation benchmark