ktg-plugin-marketplace/plugins/llm-security/playground/test-fixtures/ide-scan.md
Kjell Tore Guttormsen ce3891bdd0 feat(llm-security): playground Phase 3 — v7.5.0 with 18 parsers/renderers
The single-file SPA playground now has a parser + renderer for all 18
produces_report=true commands (Phase 2: 10 high-priority + Phase 3: 8
remaining: mcp-inspect, supply-check, pre-deploy, diff, watch,
registry, clean, threat-model). 18 markdown test fixtures serve
as the contract anchor for parser development.

The complete demo project `dft-komplett-demo` has all 18 reports
already parsed inline — click-through without "parser not implemented"
panels. 2 new archetypes in KEY_STATS_CONFIG: kanban-buckets (clean)
and matrix-risk (threat-model).

Bug fix: normalizeVerdictText now checks GO-WITH-CONDITIONS /
CONDITIONAL / BETINGET BEFORE plain GO so that a conditional verdict (pre-deploy
with open conditions) does not collapse to ALLOW.

Exposed 11 window globals for testing/automation (__store,
__navigate, __loadDemoState, __PARSERS, __RENDERERS, __CATALOG,
__inferVerdict, __inferKeyStats, __renderPageShell,
__handlePasteImport, __scheduleRender). 12 Playwright-generated
screenshots in playground/screenshots/v7.5.0/.

A11Y report (WCAG 2.1 AA): 0 blocking, 3 minor improvements
flagged for the v7.5.x patch (skip link, heading hierarchy on project,
aria-live toast).

Version bump 7.4.0 -> 7.5.0 in 10 files (package.json, plugin.json,
CLAUDE.md header, README badge, CHANGELOG entry, 3 scanner VERSION
constants, ROADMAP, marketplace root README).

No scanner or hook behavior changes — purely additive surface.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 22:15:47 +02:00

3.6 KiB

IDE-Extension Scan


Header

| Field | Value |
|---|---|
| Report type | ide-scan |
| Target | installed VS Code + JetBrains extensions |
| Date | 2026-05-05 |
| Version | llm-security v7.4.0 |
| Scope | 47 VS Code extensions + 12 JetBrains plugins |
| Frameworks | OWASP LLM Top 10, OWASP Agentic |
| Triggered by | /security ide-scan |

Risk Dashboard

| Metric | Value |
|---|---|
| Risk Score | 28/100 |
| Risk Band | Medium |
| Grade | C |
| Verdict | WARNING |

| Severity | Count |
|---|---|
| Critical | 0 |
| High | 1 |
| Medium | 4 |
| Low | 7 |
| Info | 12 |
| Total | 24 |

Verdict rationale: One high-severity finding: a JetBrains plugin (acme-helper) declares Premain-Class (javaagent retransform), which is the riskiest IDE-extension pattern.


Scan Coverage

| IDE | Extensions Scanned | Findings |
|---|---|---|
| VS Code | 47 | 8 |
| Cursor | 12 (subset of VS Code) | 2 |
| IntelliJ IDEA | 12 | 14 |
| Total | 59 | 24 |

Findings

High

| ID | Extension | IDE | Description | OWASP |
|---|---|---|---|---|
| IDE-001 | acme-helper | IntelliJ | Declares Premain-Class — javaagent retransform attack surface | ASI04 |

Medium

| ID | Extension | IDE | Description | OWASP |
|---|---|---|---|---|
| IDE-002 | dark-theme-pro | VS Code | Theme contains extension.js (theme-with-code) | LLM06 |
| IDE-003 | rest-client-typo | VS Code | Typosquat: Levenshtein 2 vs rest-client (top-100) | LLM03 |
| IDE-004 | ace-helper | IntelliJ | Long <depends> chain (12 plugins) — large surface | LLM03 |
| IDE-005 | json-fast | VS Code | activationEvents includes * (broad activation) | ASI04 |

Low

| ID | Extension | IDE | Description | OWASP |
|---|---|---|---|---|
| IDE-006 | git-graph | VS Code | Native binary .dylib shipped (verified signature OK) | |
| IDE-007 | gradle-helper | IntelliJ | Native binary .so shipped (Linux ELF) | |
| IDE-008 | vsc-cmd | VS Code | vscode:uninstall hook present | |
| IDE-009 | shaded-jar-pro | IntelliJ | Shaded jar advisory (3 jars) | |
| IDE-010 | rest-client-typo | VS Code | Same as IDE-003: typosquat suspicion | LLM03 |
| IDE-011 | code-splitter | VS Code | activationEvents onStartupFinished (broad) | ASI04 |
| IDE-012 | java-fmt | IntelliJ | Premain-Class candidate (lower confidence) | ASI04 |

Info

12 informational findings (mostly publisher metadata + extension-pack expansions). See envelope for full list.


Per-IDE Recommendations

VS Code

  1. Medium: Investigate dark-theme-pro — themes should not ship code.
  2. Medium: Compare rest-client-typo to rest-client — likely typosquat. Uninstall.
  3. Medium: Audit json-fast activation events; consider replacing with narrower scope.

IntelliJ IDEA / JetBrains

  1. High: Manually verify acme-helper Premain-Class is legitimate. Consider disabling.
  2. Medium: Reduce ace-helper depends-chain or replace.
  3. Low: Verify shaded-jar advisories (shaded-jar-pro) — known shading is normal but creates supply-chain opacity.

Methodology

7 VS Code-specific checks (blocklist, theme-with-code, sideload, broad activation, typosquat, extension-pack, dangerous hooks) + 7 JetBrains checks (Premain-Class, native binaries, depends chain, theme-with-code, broad activation, typosquat, shaded jars). Reused scanners (UNI/ENT/NET/TNT/MEM/SCR) per extension. Offline mode by default.


IDE-scan complete. 59 extensions, 24 findings, 8.9 seconds.