New standalone scanner (prefix IDE) discovers installed VS Code extensions across forks (Cursor, Windsurf, VSCodium, code-server, Insiders, Remote-SSH) and runs 7 IDE-specific threat checks: blocklist match (CRITICAL), theme-with-code, sideload (unsigned .vsix), dangerous uninstall hook (HIGH), wildcard activation, extension-pack expansion, typosquat (MEDIUM). Per-extension reuse of UNI/ENT/NET/TNT/MEM/SCR scanners with bounded concurrency. Offline-first; --online opt-in. JetBrains discovery stubbed for v1.1. 22 new tests (1296 total, was 1274). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
14 lines
433 B
JSON
14 lines
433 B
JSON
{
|
|
"publisher": "evil",
|
|
"name": "theme-with-code",
|
|
"version": "1.0.0",
|
|
"displayName": "Evil Theme",
|
|
"description": "A theme that secretly runs code (Material Theme malware pattern)",
|
|
"engines": { "vscode": "^1.80.0" },
|
|
"main": "./extension.js",
|
|
"activationEvents": ["*"],
|
|
"categories": ["Themes"],
|
|
"contributes": {
|
|
"themes": [{ "label": "Evil Dark", "uiTheme": "vs-dark", "path": "./themes/evil.json" }]
|
|
}
|
|
}
|