VS Code has over 40,000 extensions, but not all of them are trustworthy. Recent security incidents show that malicious extensions can steal credentials, hijack source code, and even breach enterprise networks. This article summarizes known security incidents and provides practical tips to help you make safer decisions when installing extensions.
Known Security Incidents
GitHub 3,800 Repositories Stolen (May 2026)
- A GitHub employee installed a poisoned VS Code extension, giving attackers control of their device
- Attackers stole developer keys, access tokens, and other sensitive information
- Approximately 3,800 internal code repositories were exfiltrated and auctioned on the dark web for $50,000+
- Affected core projects, including GitHub Copilot and GitHub Enterprise Server
Trivy Supply Chain Attack (2025)
- The VS Code extension of security scanner Trivy was compromised
- Attackers obtained write-access credentials to Trivy's GitHub account
- Subsequently breached their npm packages, injecting malicious code into multiple versions
Evelyn Stealer (2025)
- Spread by weaponizing the VS Code extension ecosystem (disclosed by Trend Micro)
- Stole developer credentials and cryptocurrency wallets
Fake AI Coding Assistants (January 2026)
- Two malicious extensions disguised as AI coding assistants, with 1.5 million combined installs
- Uploaded developer device data to overseas servers
- AI Coding extensions are becoming a new high-risk attack vector
CSTIS Risk Advisory (2024)
- China's CSTIS detected attackers frequently using fake VS Code extensions
- Primarily targeting JavaScript and Python developers
- Multiple enterprise data breach incidents reported
Common Attack Methods
- Impersonating Popular Extensions
  Creating extensions with names and icons similar to well-known extensions to trick users into installing them
- Hijacking Abandoned Extensions
  Acquiring or breaching unmaintained extensions, injecting malicious code, and pushing updates
- Malicious Updates
  Compromising legitimate extensions and sneaking malicious code into version updates
- Credential Theft
  Embedding malicious scripts to steal locally stored SSH keys, API tokens, and other secrets
How to Identify Safe Extensions
Pre-Installation Checks
- Verify the Publisher
  Check that it is the official publisher, e.g., Prettier's publisher is esbenp and ESLint's is dbaeumer
- Check Install Count and Ratings
  High installs but very low ratings may indicate a fake extension
- Review Update Frequency
  Sudden frequent updates after a long period of inactivity may signal a takeover
- Check Permission Requests
  Review requested permissions during installation and be wary of unnecessary access
- Inspect the Source Repository
  Check whether it links to a GitHub repo with active maintenance and community review
- Verify the Unique Identifier
  Every extension has a unique ID (format: publisher.extension, e.g., ms-python.python). Fake extensions often use similar but different IDs
Security Best Practices
- Search by Unique Identifier When Possible
  Use publisher.extension (e.g., ms-python.python) for precise searches instead of keywords. This guarantees you find the exact extension and avoids fake extensions mixed in with keyword search results
- Only install extensions from the official VS Code Marketplace
- Regularly audit your installed extensions and uninstall unused ones
- Review changelogs — suspicious updates warrant caution
- In enterprise environments, download .vsix files for security review before installation
- Limit extension file system access in sensitive projects
How Extensions Toolkit Helps You Download Safely
Many of the identification methods mentioned above require manual checks, which can be time-consuming. Extensions Toolkit surfaces these critical security signals directly in the search and download workflow, helping you quickly assess an extension's trustworthiness.
Publisher Domain Verification Badge
In search results and extension details, publishers verified by Microsoft display a blue verification icon. Hovering over the badge reveals verification information, such as "Microsoft has a verified ownership for the domain microsoft.com". This information is identical to the VS Code Marketplace and comes directly from Microsoft's API, ensuring authenticity.
- Grid View
  The verification badge appears at the top-right corner of each extension card, visible at a glance
- List View
  The verification badge sits above the extension icon, without taking extra space
- Detail Modal
  The verification badge is placed next to the publisher name; hover to see the full verified domain
Unique Identifier Display
The detail modal displays the extension's Unique Identifier (format: publisher.extension, e.g., ms-python.python). Click to copy it for precise searching or verification in VS Code. This is a key indicator for identifying fake extensions — counterfeits often use similar but different IDs.
Source Repository & Project Links
The detail modal displays the extension's GitHub source repository, Issues, and documentation links. These are extracted directly from the extension's VsixManifest file without any modification. You can use these links to quickly verify:
- Source Code — Check if the source is public and has community review
- Issues — Understand project activity and known issues
- Documentation — Confirm the project has comprehensive documentation
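The enterprise review step above (download the .vsix before installing) and the manifest links described here can be checked offline with a short script. The following is an added example, not code from Extensions Toolkit or from the original article: it opens a .vsix (a zip archive), reads extension.vsixmanifest, reconstructs the publisher.extension identifier, pulls out the Marketplace link properties, and computes the file's SHA-256 for comparison against the official download. The manifest embedded below is a constructed sample, and the Links.Source / Links.Support property names are the ones the Marketplace manifest schema uses.

```python
import hashlib
import io
import xml.etree.ElementTree as ET
import zipfile

# XML namespace used by extension.vsixmanifest at the root of every .vsix zip.
NS = {"v": "http://schemas.microsoft.com/developer/vsx-schema/2011"}

# Constructed sample manifest (not a real package); field layout follows the
# real schema: Identity carries Publisher/Id/Version, Properties carries links.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<PackageManifest Version="2.0.0" xmlns="http://schemas.microsoft.com/developer/vsx-schema/2011">
  <Metadata>
    <Identity Language="en-US" Id="python" Version="2024.1.0" Publisher="ms-python"/>
    <DisplayName>Python</DisplayName>
    <Properties>
      <Property Id="Microsoft.VisualStudio.Services.Links.Source" Value="https://github.com/example-org/example-ext"/>
      <Property Id="Microsoft.VisualStudio.Services.Links.Support" Value="https://github.com/example-org/example-ext/issues"/>
    </Properties>
  </Metadata>
</PackageManifest>"""

def build_sample_vsix() -> bytes:
    """Build an in-memory .vsix containing only the constructed manifest."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("extension.vsixmanifest", SAMPLE_MANIFEST)
    return buf.getvalue()

def inspect_vsix(data: bytes) -> dict:
    """Return unique ID, version, project links and SHA-256 without installing."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        root = ET.fromstring(zf.read("extension.vsixmanifest"))
    ident = root.find("v:Metadata/v:Identity", NS)
    prefix = "Microsoft.VisualStudio.Services.Links."
    links = {p.get("Id")[len(prefix):]: p.get("Value")
             for p in root.findall("v:Metadata/v:Properties/v:Property", NS)
             if p.get("Id", "").startswith(prefix)}
    return {"unique_id": f"{ident.get('Publisher')}.{ident.get('Id')}",
            "version": ident.get("Version"),
            "links": links,
            "sha256": hashlib.sha256(data).hexdigest()}  # compare to official download

def check_expected_id(info: dict, expected_id: str) -> bool:
    """Exact match (Marketplace IDs are case-insensitive); lookalike IDs fail."""
    return info["unique_id"].lower() == expected_id.lower()

if __name__ == "__main__":
    info = inspect_vsix(build_sample_vsix())
    print(info)
    print("matches ms-python.python:", check_expected_id(info, "ms-python.python"))
```

For a real package, replace build_sample_vsix() with the bytes of the downloaded file and compare the reported sha256 with the hash of the same version fetched from the official Marketplace.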
End-to-End Security Guarantee
Beyond visual security indicators, Extensions Toolkit ensures data integrity throughout the entire process:
- Official API Calls
  All extension data (search results, version lists, verification status, and repository links) is fetched directly from Microsoft's official VS Code Marketplace API
- Download Links Only
  We only construct download links based on official API responses; no extension files are processed or modified
- No File Storage
  The server does not cache any extension files; all .vsix downloads come directly from Microsoft's official CDN servers
- Zero Tampering Risk
  Since extension files are never processed, there is no possibility of tampering, forgery, or malicious code injection
- Full Transparency
  The extension files you download are identical to those from the official Marketplace, verifiable via file hash comparison
Conclusion
VS Code extensions have full system access — a malicious extension can cause as much damage as a trojan. Taking one minute to verify the publisher and permissions before installing is the most effective defense for yourself and your team.
If you want to safely download extensions offline for review, use Extensions Toolkit — all files are downloaded directly from Microsoft's official servers.