vscode-release
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several shell commands to manage the VS Code extension lifecycle.
- Runs
pnpm installandpnpm run packagefor build and dependency management. - Uses
gitcommands (commit,tag,push,pull --rebase) for version control and release tagging. - Invokes
vsce publishto upload the extension to the Visual Studio Marketplace. - [EXTERNAL_DOWNLOADS]: The skill triggers external downloads through
pnpm install --frozen-lockfile. - This installs project dependencies from the npm registry based on the project's lockfile, which is standard behavior for Node.js development workflows.
Audit Metadata