--- name: security:ide-scan description: Scan installed VS Code / IntelliJ extensions for supply-chain risk, typosquats, obfuscation, and malicious patterns allowed-tools: Read, Glob, Grep, Bash model: sonnet --- # /security ide-scan Scan installed IDE extensions (VS Code + forks like Cursor/Windsurf/VSCodium/code-server; JetBrains is v1.1 stub). Runs the IDE scanner plus reused scanners (UNI, ENT, NET, TNT, MEM, SCR) per extension. Offline by default. ## Step 1: Run Scanner Run the IDE extension scanner: ``` node [target] ``` Arguments (pass through as provided by the user): - `[target]` — one of: - omit, `.`, or `all` → discover all installed extensions - absolute path to an extracted extension directory → single-scan mode - `https://marketplace.visualstudio.com/items?itemName=.` → fetch from VS Code Marketplace - `https://open-vsx.org/extension//[/]` → fetch from OpenVSX - `https://example.com/path/foo.vsix` → direct VSIX download (HTTPS only) - GitHub repo URLs are NOT supported in v6.4.0 (would require build step) - `--vscode-only` / `--intellij-only` — restrict discovery - `--include-builtin` — include Microsoft builtin extensions (default: excluded) - `--online` — enable Marketplace/OSV.dev lookups (opt-in; default: fully offline) - `--format compact|json` — output format - `--fail-on ` — exit 1 if findings at/above severity URL mode notes: - Hardened ZIP extractor with caps: 50MB compressed, 500MB uncompressed, 100x expansion ratio, 10 000 entries, depth 20. - Rejects: zip-slip paths, symlink entries, absolute paths, drive letters, encrypted entries, ZIP64. - TLS verified, HTTPS only, 30s timeout. Cross-host redirects rejected. - Temp directory always cleaned up (success, error, abort). - `meta.source` in the envelope contains `{ type: "url", kind, url, finalUrl, sha256, size, publisher, name, version }`. Parse the JSON output. The result contains: - `meta.scanner`, `meta.version`, `meta.target`, `meta.extensions_discovered` (per type), `meta.roots_scanned`, `meta.warnings` - `extensions[]` — per-extension results with `id`, `version`, `type`, `publisher`, `source`, `is_builtin`, `signed`, `scanner_results` (IDE/UNI/ENT/NET/TNT/MEM/SCR), `aggregate` (counts, risk_score, risk_band, verdict), `warnings` - `aggregate` — top-level counts, risk_score, risk_band, verdict, extensions_total, extensions_blocked, extensions_warning ## Step 2: Format Report Present the results: ``` # IDE Extension Scan | Field | Value | |-------|-------| | **Scanner** | ide-extension-scanner v[version] | | **Target** | [target] | | **Roots** | [comma-separated roots_scanned] | | **Extensions** | [vscode] VS Code, [jetbrains] JetBrains | | **Top Verdict** | [ALLOW/WARNING/BLOCK] | | **Risk** | [risk_score]/100 ([risk_band]) | | **Duration** | [duration_ms]ms | ## Counts crit=[N] high=[N] medium=[N] low=[N] info=[N] ## Per-Extension Results [One row per extension, sorted: BLOCK first, then WARNING, then ALLOW with findings] | Extension | Version | Source | Verdict | Risk | Top Issue | |-----------|---------|--------|---------|------|-----------| Omit ALLOW rows with zero findings unless the user passed `--verbose`. ## Top Findings [For each extension with verdict != ALLOW, list up to 3 findings as: - [SEV] [SCANNER]: title — file:line — recommendation] ## Warnings [Any top-level or per-extension `warnings` entries, if present] ``` ## Step 3: Recommendations - `aggregate.verdict === 'BLOCK'`: "One or more extensions are block-listed. Uninstall immediately — `code --uninstall-extension `." - `aggregate.verdict === 'WARNING'`: "High/medium findings detected. Review the Top Findings list. Audit suspicious extensions before continuing." - `aggregate.verdict === 'ALLOW'` and counts.info > 0: "Extensions look clean. Info-level findings are observational only." - `aggregate.extensions_total === 0`: "No extensions discovered. Run `code --list-extensions` to confirm, or pass a specific path." If the user has many sideloaded (`source=vsix`) extensions: suggest re-installing from Marketplace where possible. ## Notes - First run with no `--online` is fully offline. - JetBrains discovery is deferred to v1.1 (see `knowledge/ide-extension-threat-patterns.md`). - Pass a single extracted extension directory to scan just one extension.