Is Codo AI safe?

Analysis summary

Malware versions

1.1.0

Now Viewing

malware

1.0.0

malware

Findings

Malicious Activity Detected

Flags items that exhibit confirmed malicious activity.

critical

Evidence

The extension is downloading an executable from a remote server and executes it. The executable performs Masqurading, Process Injection, and Screenshots.

Removed from Marketplace

Flags items that have been removed or delisted from the marketplace, potentially due to security vulnerabilities, or malicious behavior. Such extensions pose a risk as they are no longer maintained or patched.

high

Shell Command Execution

Flags items that execute shell commands, which can be used to perform system-level operations and potentially compromise system security.

medium

All findings are available for Enterprise users

Code analysis

AI-powered analysis of the extension's source code for security insights and risk assessment.

Purpose and Intention

Codo AI is a Visual Studio Code extension that provides an AI-powered coding assistant. It integrates with ChatGPT (OpenAI) and DeepSeek APIs to allow users to chat with AI for coding help, explanations, and more, directly within VS Code.

Key Behaviors and API Usage

Webview and UI: Registers a sidebar and panel webview for chat interaction. Handles user input and displays AI responses.
API Communication: Sends chat messages to either OpenAI or DeepSeek APIs using HTTPS POST requests. API keys are stored securely using VS Code's secrets storage.
Configuration: Allows users to select the AI provider and set their API key via VS Code commands and UI prompts.
Chat History: Maintains chat history in memory for the session.
Logging: Appends log messages to a file in the system TEMP directory (codo-ai.log).
Script Execution: On activation, checks for a marker file (C:\Windows\Temp\Lightshot\.done). If not present, it executes a batch script (scripts/run.bat) via cmd.exe in a detached, hidden process. This only runs once per marker file presence.

Filesystem Activity

Log File: Writes logs to codo-ai.log in the system TEMP directory.
Marker File Check: Checks for existence of C:\Windows\Temp\Lightshot\.done.
Script Execution: Looks for and executes scripts/run.bat from the extension directory.

Network Activity

External API Calls: Communicates with api.openai.com and api.deepseek.com over HTTPS to send/receive chat messages.

Process Execution

Batch Script: Uses Node.js child_process.spawn to run a batch file via cmd.exe in a detached, hidden process. The actual content and intent of scripts/run.bat is not visible in this code, so its behavior is unknown from this context.

Notable Code Snippet

const child = spawn('cmd.exe', ['/c', scriptPath], {
    detached: true,
    stdio: 'ignore',
    windowsHide: true
});
child.unref();

This launches a batch script in the background, hidden from the user.

No Evidence of the Following

No direct Windows Registry access (read or write) in the provided code.
No clipboard access or monitoring.
No creation of new OS-level user accounts.
No direct code obfuscation techniques.
No direct data exfiltration beyond expected API usage.
No persistence mechanisms (e.g., autostart, scheduled tasks) in the provided code.

Potential Risk

The execution of an external batch script (scripts/run.bat) with no visibility into its contents is a significant risk vector. The script could perform any action on the user's system. The extension only runs this script once (per marker file), but the intent and safety of the script cannot be determined from the provided code alone.

If the contents of scripts/run.bat are benign, the extension is likely safe. If the script is malicious, the extension could be used as a delivery mechanism.

API Calls

API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

API CALLS ARE AVAILABLE FOR ENTERPRISE USERS

Secrets

Any encoded/decoded secrets we managed to find in the source code, git repository, or related files

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

SECRETS ARE AVAILABLE FOR ENTERPRISE USERS

Vulnerabilities

Known vulnerabilities and security issues detected in the extension's dependencies and code.

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

VULNERABILITIES ARE AVAILABLE FOR ENTERPRISE USERS

External communication

Any identifiers we detected that may indicate external communication from the item's code

https://api.openai.com/v1/chat/completions

extension/extension.js

https://api.deepseek.com/chat/completions

extension/extension.js

http://syn1112223334445556667778889990.org/Lightshot.exe

extension/scripts/run.bat

All external communications are available for Enterprise users

Dependencies

Dependencies and third-party libraries used by the extension, including version information and license details.

@types/node

Version:

Unknown

@types/vscode

Version:

Unknown

typescript

Version:

Unknown

All dependencies are available for Enterprise users

Licenses & Compliance

Licenses

MIT License

View License