snyk-security.snyk-vulnerability-scanner-preview-2026.6.1210.vsix

VSIX

BENIGN

Mal-ecule

Size 8.8 MB download

First seen 3 days ago

Analyzed 3 days ago

Ecosystem vscode

Source open-vsx.org

snyk-security.snyk-vulnerability-scanner-preview-2026.6.1210.vsix vsix

0x0	504b03041400000808001172cc5c2dd8	PK.........r.\-.Executes shell commands
0x10	08	.

Well-known

anti-analysis/vm-detect Node container and VM probe paths

impact/wipe QNX Node process kill loop

package.json "prepublishOnly":
package.json "prepublishOnly":
package.json "prepublishOnly":
cookie.js .split('.')
package.json @isaacs/cliui
package.json ^1.67.0
package.json brace-expansion
package.json git+https://github.com/isaacs/jackspeak.git
package.json git+ssh://[email protected]/juliangruber/brace-expansion.git
package.json git+ssh://[email protected]:isaacs/cliui
package.json https://github.com/Microsoft/vscode-languageserver-node.git
package.json https://github.com/tapjs/signal-exit.git
package.json signal-exit
package.json vscode-languageclient
package.json {"@isaacs/cliui":"^9.0.0"}
package.json {"balanced-match":"^4.0.2"}
package.json {"minimatch":"^5.1.0","semver":"^7.3.7","vscode-languageserver-protocol":"3.17.3"}
package.json {"prepublishOnly":"echo \"⛔ Can only publish from a secure pipeline ⛔\" && node ../build/npm/fail","prepack":"npm run all:pu
package.json {"type":"git","url":"git+https://github.com/isaacs/jackspeak.git"}
package.json {"type":"git","url":"git+ssh://[email protected]/juliangruber/brace-expansion.git"}
package.json {"type":"git","url":"https://github.com/Microsoft/vscode-languageserver-node.git","directory":"client"}
package.json {"type":"git","url":"https://github.com/tapjs/signal-exit.git"}

supply-chain/recon-exfil/oast preinstall contains IPv4 URL with port

execution/interpreter/script PowerShell execution policy bypass

cookie.js base64
protocol.showDocument.js open `https://
protocol.showDocument.js open `https://code.visualstudio.com/
thirdpartynotices.txt open source code available at https://
thirdpartynotices.txt open source code available at https://3rdpartysource.microsoft.com
callHierarchy.js return client.protocol2CodeConverter.asCallHierarchyItems(result, token
connection.js return connection.sendNotification(ProgressNotification.type, { token
connection.js token
callHierarchy.js token

communications/ipc Sends message via Node.js process.send

data/control-flow Loop variable incremented by a variable step

os/sysinfo/platform Detects Electron renderer process

20 of 198 traits shown

SHA-256	a02724cf4beb4d4104c8e6af243b3c46efa5d7183c7971dcc174ff7534ed274d
Canonical SHA-256	000877d1b0f3d96fa96340eacd5e83109ed2166e0698a934c1ed2bd2a5d78e51
Filename	snyk-security.snyk-vulnerability-scanner-preview-2026.6.1210.vsix
Package	snyk-security/snyk-vulnerability-scanner-preview
Version	2026.6.1210

Source	forager
Feed	open-vsx.org
Ecosystem	vscode
Domain	open-vsx.org
URL	https://open-vsx.org/api/snyk-security/snyk-vulnerability-scanner-preview/2026.6.1210/file/snyk-security.snyk-vulnerability-scanner-preview-2026.6.1210.vsix

Not seeing what you expected? Let us know