When you're browsing the web, you wouldn't download random files from untrusted sources.
So why are we so comfortable installing random Visual Studio Code extensions—without knowing what they do under the hood?
Visual Studio Code extensions run with full access to your machine. That includes your file system, network, terminal, and even your credentials.
And here's the catch: there's no sandbox, no permissions model, and no built-in validation to stop them from going rogue.
## The Hidden Risk in Everyday Development
VSCode is the most widely used code editor in the world: over 14 million developers rely on it monthly, and it holds roughly 75% of the code editor market.
Its powerful extension ecosystem is a key reason for its success. Extensions add support for languages, linters, themes, and advanced features. But they also introduce a serious and largely unaddressed risk: every extension you install executes with the same system-level privileges as the editor itself.
Extensions can:
- Read and write files anywhere on your system
- Open unrestricted network connections
- Launch subprocesses
- Modify environment variables and configuration files
It's essentially the same as running an unvetted Node.js application on your machine, under the assumption that it won't abuse its access.
I wanted to understand the real extent of this problem...
## What the Data Says
Using the tool VSCan, I scanned 1,077 popular extensions from the VSCode Marketplace.
Here are the results:
| Category | Count | Description |
| --- | ---: | --- |
| Malicious Functionality | 3 | Detected by reputable anti-virus engines |
| Malicious Network Connections | 7 | Contacting dangerous IPs |
| Vulnerable Dependencies | 33 | Outdated libraries with critical flaws |
| Hardcoded Secrets | 39 | Credentials, tokens, and API keys publicly exposed |
| Poor Security Hygiene | 204 | Bad permission regulation, no version control, no audits |
| High Permissions Usage | 71 | Activated on all files or using unrestricted access patterns |
These aren't theoretical risks. In several cases, extensions with tens of thousands of downloads were actively reaching out to suspicious infrastructure, using dangerous APIs, or leaking secrets in plain text.
## Building VSCan
As a security researcher and developer, I wanted a way to analyze extensions before trusting them. So I built VSCan—a free tool that statically analyzes VSCode, Cursor, and Windsurf extensions for malicious behavior and security risks.
VSCan inspects every part of an extension's package, looking for:
- Obfuscated or malicious code
- Dangerous API usage and activation patterns
- Insecure permissions and shell execution
- Known vulnerabilities in bundled dependencies
- Hardcoded secrets like API keys or credentials
- Suspicious network endpoints
- Low-quality development practices flagged by OSSF Scorecard
- High-risk logic, detected through AST and LLM-based code reasoning
## Under the Hood: How VSCan Works
VSCan uses static analysis to inspect everything inside an extension bundle, without executing any code.
The engine analyzes:
- `package.json` for activation events, main scripts, and permissions
- JavaScript/TypeScript files using Babel ASTs
- Dependency trees extracted from `package-lock.json`
- Network calls to external domains
- Command execution via `child_process` or dynamic imports
- Secret patterns using entropy + regex-based detection
- OSSF Scorecard data for repo-level security practices
- AI-assisted reasoning to verify hidden or obfuscated intent
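To make the static checks above concrete, here is a miniature scanner that runs several of them over a constructed extension bundle. This is an added example, not VSCan's code: it pattern-matches the source text with regular expressions instead of walking a Babel AST, skips the dependency-tree and Scorecard checks, and every name, URL and literal in the sample `package.json` and main script is made up for the demo.

```javascript
// Added example (not VSCan's code): a miniature static scanner that runs the kind of
// checks listed above over a constructed extension bundle. It pattern-matches source
// text with regexes instead of walking a Babel AST, so it is illustrative, not exhaustive.

// Constructed sample: package.json of a made-up extension.
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  name: 'example-helper',            // constructed name
  main: './out/extension.js',
  activationEvents: ['*'],           // runs in every workspace, regardless of file type
});

// Constructed sample: the extension's main script. All values are made up for the demo.
const SAMPLE_MAIN_JS = `
const cp = require('child_process');
const https = require('https');
const TOKEN = 'AKIAABCDEFGHIJKLMNOP';               // constructed, AWS-key-shaped literal
const blob = 'c8f1e2a9b7d4f6a0e3b5c9d2f7a1b4e6';   // constructed high-entropy literal
function activate(context) {
  cp.exec('whoami');
  https.get('https://telemetry.example-extension.test/ping');
  import('./plugin.js');
}
`;

// Shannon entropy in bits per character; random-looking tokens score high.
function shannonEntropy(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const c of counts.values()) {
    const p = c / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

const AWS_KEY_ID = /^AKIA[0-9A-Z]{16}$/;   // one well-known secret format
const ENTROPY_THRESHOLD = 3.5;             // hex strings top out at 4 bits/char

function scanExtension(packageJsonText, mainJsText) {
  const findings = [];
  const pkg = JSON.parse(packageJsonText);

  // 1. Activation scope: "*" means the extension starts for every workspace.
  if ((pkg.activationEvents || []).includes('*')) {
    findings.push({ rule: 'activate-on-all', detail: 'activationEvents contains "*"' });
  }
  // 2. Shell execution and dynamic code loading.
  if (/require\(\s*['"]child_process['"]\s*\)|from\s+['"]child_process['"]/.test(mainJsText)) {
    findings.push({ rule: 'shell-execution', detail: 'child_process imported' });
  }
  if (/\bimport\s*\(/.test(mainJsText)) {
    findings.push({ rule: 'dynamic-import', detail: 'import() of a runtime-chosen module' });
  }
  // 3. Network endpoints: every host named in a URL literal.
  for (const m of mainJsText.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)) {
    findings.push({ rule: 'network-endpoint', detail: m[1] });
  }
  // 4. Secrets: known format first, then entropy on long token-like string literals.
  for (const m of mainJsText.matchAll(/['"]([A-Za-z0-9+/=_-]{20,})['"]/g)) {
    const literal = m[1];
    if (AWS_KEY_ID.test(literal)) {
      findings.push({ rule: 'secret-pattern', detail: literal });
    } else if (shannonEntropy(literal) >= ENTROPY_THRESHOLD) {
      findings.push({ rule: 'high-entropy-literal', detail: literal });
    }
  }
  return findings;
}

// Run the scanner over the constructed bundle and return its findings.
function demoScan() {
  return scanExtension(SAMPLE_PACKAGE_JSON, SAMPLE_MAIN_JS);
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const f of demoScan()) console.log(`${f.rule.padEnd(22)} ${f.detail}`);
}
```

Against the constructed bundle the scanner reports six findings: the wildcard activation event, the `child_process` import, the dynamic `import()`, the telemetry host, the AWS-shaped key and the high-entropy hex literal. The entropy pass is what catches secrets that match no known format, which is why it is paired with the regex pass rather than replacing it; a real scanner would add the AST walk so that string concatenation and obfuscation cannot hide the same patterns.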
## Experimental Runtime Sandboxing
Static analysis has its limits. Some malicious behavior only occurs after installation or under specific runtime conditions.
That's why I've started building a custom sandbox layer to limit extension capabilities at runtime. It works by intercepting sensitive operations—file access, shell execution, and network activity—and enforcing restrictions on a per-extension basis.
There is currently no permission isolation in VSCode. This sandbox prototype is an early step toward bridging that gap.
## Who This Is For
VSCan is designed for:
- Developers who want to verify third-party extensions
- Security engineers auditing supply chain components
- Teams managing secure development environments
- Extension authors checking for issues before publishing
- Users of VSCode forks like Cursor or Windsurf seeking safer defaults
Whether you're installing one extension or auditing hundreds, this tool can catch issues you won't spot by just reading the README.
## Try It
No signup required. Works directly in the browser. Fully open to the community.
Start scanning extensions here: https://vscan.dev
If you're using VSCode and have never looked inside your extensions, it might be time. Because that helpful syntax highlighter or theme switcher might be doing a lot more than just highlighting code.