Findings
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
FINDINGS ARE AVAILABLE FOR ENTERPRISE USERS
Code analysis
AI-powered analysis of the extension's source code for security insights and risk assessment.
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
CODE INSIGHTS ARE AVAILABLE FOR ENTERPRISE USERS
API Calls
API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.
critical
process.exit
nodejs
/extension/dist/extension.js
low
process.versions.node.split
nodejs
/extension/dist/extension.js
low
http.ClientRequest
nodejs
/extension/dist/extension.js
All API calls are available for Enterprise users
Secrets
Any encoded/decoded secrets we managed to find in the source code, git repository, or related files
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
SECRETS ARE AVAILABLE FOR ENTERPRISE USERS
Vulnerabilities
Known vulnerabilities and security issues detected in the extension's dependencies and code.
high
Enterprise Only
Enterprise Only
Enterprise Only
medium
Enterprise Only
Enterprise Only
Enterprise Only
low
Enterprise Only
Enterprise Only
Enterprise Only
VULNERABILITIES ARE AVAILABLE FOR ENTERPRISE USERS
External communication
Any identifiers we detected that may indicate external communication from the item's code
https://www.youtube.com/embed
extension/dist/extension.js
https://www.youtube.com/embed,
extension/dist/extension.js
https://www.microsoft.com/en-us/videoplayer/embed
extension/dist/extension.js
All external communications are available for Enterprise users
Dependencies
Dependencies and third-party libraries used by the extension, including version information and license details.
@types/chai
Version:
Unknown
@types/chai-spies
Version:
Unknown
@types/glob
Version:
Unknown
All dependencies are available for Enterprise users
Licenses & Compliance
Compliance
Compliance status and certifications for the extension and its publisher
Microsoft
Microsoft is ISO27001 certified, with Azure, Dynamics 365, and other Microsoft online services undergoing regular independent third-party audits for compliance. There is no mention of a parent company as Microsoft is a large corporation on its own.
Compliant
Microsoft
Microsoft's services are compliant with the SOC 2 Type 2 standards for operational security, which are relevant to trust services criteria for system security, availability, processing integrity, and confidentiality. Additionally, there is a mention of compliance in their security and privacy policies, indicating a commitment to maintaining these standards.
Compliant
Microsoft
Microsoft is committed to GDPR compliance across its cloud services and provides relevant assurances in its contractual commitments. No specific parent company was identified as this appears to be a standalone entity within the context.
Compliant
Licenses
MIT License
View License" MIT License\r\n\r\n Copyright (c) Microsoft Corporation. All rights reserved.\r\n\r\n Permission is hereby granted, free of charge, to any person obtaining a copy\r\n of this software an...