惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
How to Actually Check if a VS Code Extension is Safe Before You Install It
Ishaan Agrawal · 2026-06-12 · via DEV Community

You're about to install a VS Code extension. Maybe it's a formatter, a linter, a theme, an AI tool. You search, you find it, it has decent reviews. You click Install.

But here's what you probably didn't check — and what almost nobody does.


What VS Code Extensions Can Actually Do

Before we get into how to evaluate one, it's worth being clear about what you're giving permission for. VS Code extensions run with full access to:

  • Your filesystem — read, write, delete
  • Your environment variables — including secrets, tokens, and credentials your shell exposes
  • Network connections — outbound requests to anywhere
  • Child processes — spawning terminals, shell commands, background workers
  • Other extensions — via the extension API There is no sandbox. When you install an extension, you're running code with your own user permissions. The same permissions that can push to your git repos, read your .env files, and access your SSH keys.

This isn't hypothetical. Extensions with millions of installs have been caught doing exactly these things.


The Checklist Most Developers Skip

Here's what a 60-second review actually looks like:

1. Look at the publisher, not just the extension name

Anyone can publish to the VS Code Marketplace. The publisher ID is the only stable identifier — the display name can be anything, and typosquatting is real.

  • Is the publisher verified (blue checkmark)?
  • Does the publisher have other extensions, a website, a GitHub presence?
  • Does the publisher name look like a real organization or a random string? Legitimate extensions from major companies (Microsoft, Prettier, ESLint) will have recognizable, verified publishers. A one-off extension with a publisher ID like devtools-pro-2024 is worth extra scrutiny.

2. Check when it was last updated

An extension that hasn't been touched in 2+ years is a supply chain risk waiting to happen. Old dependencies, unmaintained code, and abandoned repos are exactly how attackers get in — either by compromising the account or injecting into a dependency.

Look at the "Last Updated" date on the Marketplace listing. Then open the GitHub repo (if it exists) and check the actual commit history. Sometimes the Marketplace listing shows a recent publish date that just reflects an automated re-publish, not real maintenance.

3. Look at the package.json permissions before installing

Every extension declares what it can do in its package.json. You can find this in the source repo. Look for:

  • activationEvents — when does this extension activate? * means it runs on every file you open.
  • contributes.commands — what commands does it register?
  • Any explicit permission requests An extension that activates on * and makes network calls is doing something the moment you open VS Code, before you've even used it.

4. Grep the source for network calls

This takes 2 minutes if there's a public repo. Clone it or browse it on GitHub and look for:

fetch(
axios
http.request
https.request
xhr
WebSocket

Are those calls going to localhost, or to an external server? What data is in the request body? A linter that phones home is a red flag. A language server that connects to a known service is expected.

5. Check the dependencies

The extension's own code might be clean. Its dependencies might not be. Look at the package.json for third-party packages, then check them against known vulnerability databases. A single compromised npm package can turn a legitimate extension malicious overnight — this is exactly how supply chain attacks work.

This is tedious to do manually. Tools like VSCan automate it — paste in an extension ID and get a report on permissions, dependency vulnerabilities, and behavioral flags in seconds.


Red Flags That Should Make You Pause

Not all of these are disqualifying, but each one deserves a second look:

  • No public source code. If there's no GitHub repo (or the repo is empty), you can't verify what the extension does. This alone should give you pause.
  • Downloads don't match the repo activity. 500k downloads but 3 GitHub stars and no commit activity? Something is off.
  • Vague description. Malicious extensions often have generic, copy-pasted descriptions that don't clearly explain what the extension does.
  • Requested permissions don't match the stated purpose. A Markdown preview extension shouldn't need to run child processes.

- Recently transferred ownership. Extensions sometimes get sold. New owners inherit the install base and can push updates. Check the publisher history if you can.

The Specific Extensions Worth Auditing Right Now

Some of the most dangerous extensions are the popular ones, because they're the ones attackers target. If you have any of these installed, it's worth running a quick check:

  • Extensions you installed years ago and forgot about
  • Extensions that haven't been updated recently
  • Any extension with a name very similar to a well-known one (check the publisher ID carefully)
  • AI coding assistants that have broad filesystem and network access by design The "is [specific extension] safe" question is one of the most common things developers search for — and the answer is almost never a simple yes or no. It depends on the version, the publisher's current situation, and the state of its dependencies at any given moment.

A Practical Workflow

Before installing any new extension:

  1. Check the publisher is verified or well-known
  2. Open the GitHub repo, confirm it's active
  3. Scan it through VSCan or check the dependency list manually
  4. Look at what events trigger activation Every quarter or so, do a pass over your installed extensions:
# List all installed extensions
code --list-extensions

For anything you don't recognize or haven't used recently: uninstall first, reinstall if you actually need it.


Why This Matters More Than It Used to

A year ago, the threat model for developer tools was mostly theoretical. It's not anymore.

We've seen self-propagating worms targeting VS Code extensions. We've seen extensions with millions of downloads caught harvesting credentials. Microsoft's own telemetry has flagged thousands of extensions with suspicious behaviors.

The attack surface is your entire development environment — your code, your credentials, your git history, your cloud provider tokens. Developers are high-value targets precisely because of what they have access to.

The VS Code Marketplace is not curated the way the iOS App Store is. It's closer to npm: anyone can publish, automated scanning catches some things but not everything, and you're largely responsible for what you run.

That's not a reason to avoid extensions. It's a reason to take 60 seconds before you click Install.


Check your extensions at vscan.dev