Transfer of Ownership
Flag items where ownership has been transferred to a different publisher, which may indicate compromise or changes in trustworthiness.
medium
Findings
Unverified Publisher
Flags items published by entities that haven’t gone through the publisher verification process of the marketplace. Lack of verification may indicate higher risk, as the publisher’s identity and trustworthiness are unconfirmed.
medium
Low Install Count
Flags items lacking installs on the marketplace, suggesting concerns about the extension's reputation and the publisher's reliability.
low
All findings are available for Enterprise users
Code analysis
AI-powered analysis of the extension's source code for security insights and risk assessment.
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
CODE INSIGHTS ARE AVAILABLE FOR ENTERPRISE USERS
Permissions
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
PERMISSIONS ARE AVAILABLE FOR ENTERPRISE USERS
API Calls
API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
API CALLS ARE AVAILABLE FOR ENTERPRISE USERS
Secrets
Any encoded/decoded secrets we managed to find in the source code, git repository, or related files
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
SECRETS ARE AVAILABLE FOR ENTERPRISE USERS
Vulnerabilities
Known vulnerabilities and security issues detected in the extension's dependencies and code.
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
VULNERABILITIES ARE AVAILABLE FOR ENTERPRISE USERS
External communication
Any identifiers we detected that may indicate external communication from the item's code
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
EXTERNAL COMMUNICATIONS ARE AVAILABLE FOR ENTERPRISE USERS
Dependencies
Dependencies and third-party libraries used by the extension, including version information and license details.
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
DEPENDENCIES ARE AVAILABLE FOR ENTERPRISE USERS
Licenses & Compliance
Compliance
Compliance status and certifications for the extension and its publisher
Extensao.store
The website extensao.store has declared that they achieved ISO 27001 certification in December 2023, confirming their compliance with this standard. There is no indication of a parent company or any mention of its compliance status.
Compliant
Licenses
No license text available...