a.k.a. dbt™ power user makes vscode seamlessly work with dbt™: auto-complete, preview, column lineage, AI docs generation, health checks, cost estimation etc
Flags items that contain or rely on components with critical severity vulnerabilities, as identified by sources such as Google OSV and NVD. These vulnerabilities may expose the item to exploitation, including risks like backdoors, privilege escalation, or data compromise.
Flags Snippet type extensions that run code on the user's machine. Snippet should be static JSON files and not execute any code.
Flags items that contain or rely on components with high-severity vulnerabilities, as identified by sources such as Google OSV and NVD. These vulnerabilities may expose the item to exploitation, including risks like backdoors, privilege escalation, or data compromise.
AI-powered analysis of the extension's source code for security insights and risk assessment.
API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.
Any encoded/decoded secrets we managed to find in the source code, git repository, or related files
Known vulnerabilities and security issues detected in the extension's dependencies and code.
Any identifiers we detected that may indicate external communication from the item's code
Dependencies and third-party libraries used by the extension, including version information and license details.
