VS Code Extension Patterns Skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill provides a PowerShell pattern for extracting a Personal Access Token (VSCE_PAT) from a local .env file during the publishing process.
- [COMMAND_EXECUTION]: Includes instructions for executing the vsce publish command and using the vscode.workspace.getConfiguration().update API to programmatically alter global user settings.
- [PROMPT_INJECTION]: The skill documents an indirect prompt injection surface where untrusted data could be rendered in a webview (panel.webview.html), potentially interacting with privileged capabilities like configuration updates.
  - Ingestion points: SKILL.md (webview HTML content and message handling)
  - Boundary markers: None documented
  - Capability inventory: SKILL.md (global configuration updates via config.update)
  - Sanitization: None documented in the provided patterns
Audit Metadata