Is "VS Code Pack" on JetBrains Marketplace Safe to Install?

Security Analysis Overview

VS Code Pack is a jetbrains extension published by Zhihao Zhang. Version 0.0.3 has been analyzed by the Risky Plugins security platform, receiving a risk score of 67.94/100 (HIGH risk) based on 3 security findings.

Risk Assessment

This extension presents high security risk. Significant concerns were identified during analysis. It is not recommended for use in sensitive or production environments without thorough review.

Findings Breakdown

• High: 1 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

• Malware Detection: YARA rule matching against 2,400+ malware signatures
• Secret Detection: Scanning for exposed API keys, tokens, and credentials
• Static Analysis: Code-level security analysis for common vulnerability patterns
• Network Analysis: Detection of suspicious network communications and endpoints
• Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

VS Code Pack is published by Zhihao Zhang on the jetbrains marketplace. The extension has approximately 5K users.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.