ktg-plugin-marketplace/plugins/llm-security/knowledge/top-jetbrains-plugins.json at 9f893c3858376d09c2a61dba648187f8971b402e - open/ktg-plugin-marketplace - Forgejo: Beyond coding. We Forge.

open/ktg-plugin-marketplace

Kjell Tore Guttormsen 6252e55700 feat(llm-security): add /security ide-scan — VS Code / JetBrains extension prescan (v6.3.0)

New standalone scanner (prefix IDE) discovers installed VS Code extensions
across forks (Cursor, Windsurf, VSCodium, code-server, Insiders, Remote-SSH)
and runs 7 IDE-specific threat checks: blocklist match (CRITICAL),
theme-with-code, sideload (unsigned .vsix), dangerous uninstall hook (HIGH),
wildcard activation, extension-pack expansion, typosquat (MEDIUM).

Per-extension reuse of UNI/ENT/NET/TNT/MEM/SCR scanners with bounded
concurrency. Offline-first; --online opt-in. JetBrains discovery stubbed
for v1.1. 22 new tests (1296 total, was 1274).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-04-17 16:23:35 +02:00

10 lines

292 B

JSON

Raw Blame History

 {
   "_meta": {
     "source": "Stub for v1.1 — IntelliJ discovery deferred. See research brief §2, §4.",
     "count": 0,
     "last_updated": "2026-04-17",
     "purpose": "Typosquat detection seed for JetBrains plugins. To be populated in v1.1."
   },
   "jetbrains": [],
   "blocklist": []
 }