6252e55700
New standalone scanner (prefix IDE) discovers installed VS Code extensions across forks (Cursor, Windsurf, VSCodium, code-server, Insiders, Remote-SSH) and runs 7 IDE-specific threat checks: blocklist match (CRITICAL), theme-with-code, sideload (unsigned .vsix), dangerous uninstall hook (HIGH), wildcard activation, extension-pack expansion, typosquat (MEDIUM). Per-extension reuse of UNI/ENT/NET/TNT/MEM/SCR scanners with bounded concurrency. Offline-first; --online opt-in. JetBrains discovery stubbed for v1.1. 22 new tests (1296 total, was 1274). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
38 lines
1.3 KiB
JSON
38 lines
1.3 KiB
JSON
[
|
|
{
|
|
"identifier": { "id": "evil.theme-with-code" },
|
|
"version": "1.0.0",
|
|
"relativeLocation": "evil.theme-with-code-1.0.0",
|
|
"metadata": { "source": "gallery", "publisherDisplayName": "Evil Labs", "isBuiltin": false }
|
|
},
|
|
{
|
|
"identifier": { "id": "ms-pythom.pythom" },
|
|
"version": "1.0.0",
|
|
"relativeLocation": "ms-pythom.pythom-1.0.0",
|
|
"metadata": { "source": "gallery", "publisherDisplayName": "ms-pythom", "isBuiltin": false }
|
|
},
|
|
{
|
|
"identifier": { "id": "sideloaded.extension" },
|
|
"version": "1.0.0",
|
|
"relativeLocation": "sideloaded.extension-1.0.0",
|
|
"metadata": { "source": "vsix", "publisherDisplayName": "Sideload", "isBuiltin": false }
|
|
},
|
|
{
|
|
"identifier": { "id": "wildcard.activator" },
|
|
"version": "1.0.0",
|
|
"relativeLocation": "wildcard.activator-1.0.0",
|
|
"metadata": { "source": "gallery", "publisherDisplayName": "Wildcard", "isBuiltin": false }
|
|
},
|
|
{
|
|
"identifier": { "id": "hook.uninstall" },
|
|
"version": "1.0.0",
|
|
"relativeLocation": "hook.uninstall-1.0.0",
|
|
"metadata": { "source": "gallery", "publisherDisplayName": "Hook", "isBuiltin": false }
|
|
},
|
|
{
|
|
"identifier": { "id": "pack.big" },
|
|
"version": "1.0.0",
|
|
"relativeLocation": "pack.big-1.0.0",
|
|
"metadata": { "source": "gallery", "publisherDisplayName": "Pack", "isBuiltin": false }
|
|
}
|
|
]
|