Adds an extra level of protection for the security of your projects
Flags items that contain or rely on components with high-severity vulnerabilities, as identified by sources such as Google OSV and NVD. These vulnerabilities may expose the item to exploitation, including risks like backdoors, privilege escalation, or data compromise.
Flags publishers lacking installs on the marketplace, suggesting concerns about the publisher's reliability.
AI-powered analysis of the extension's source code for security insights and risk assessment.
API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.
Any encoded/decoded secrets we managed to find in the source code, git repository, or related files
Known vulnerabilities and security issues detected in the extension's dependencies and code.
Any identifiers we detected that may indicate external communication from the item's code
Dependencies and third-party libraries used by the extension, including version information and license details.
