vscode-extensions
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses standard 'code --install-extension' commands to manage VS Code. This is the official and documented method for extension management.
- [EXTERNAL_DOWNLOADS] (SAFE): The extensions referenced (e.g., ms-python.python, dbaeumer.vscode-eslint) are popular, well-known, and provided by trusted publishers within the VS Code ecosystem.
- [DATA_EXPOSURE] (SAFE): No sensitive data access or network exfiltration patterns were identified. The export/import functionality uses a local 'extensions.txt' file, which is a standard workflow.
- [PROMPT_INJECTION] (SAFE): No attempts to override system instructions or bypass safety filters were found in the provided markdown.
Audit Metadata