# How to Actually Check if a VS Code Extension is Safe Before You Install It

> Source: <https://dev.to/ishaan_agrawal/how-to-actually-check-if-a-vs-code-extension-is-safe-before-you-install-it-3pal>
> Published: 2026-06-12 02:54:53+00:00

You're about to install a VS Code extension. Maybe it's a formatter, a linter, a theme, an AI tool. You search, you find it, it has decent reviews. You click Install.

But here's what you probably didn't check — and what almost nobody does.

Before we get into how to evaluate one, it's worth being clear about what you're giving permission for. VS Code has no per-extension permission model or sandbox: an extension runs in the extension host with the same privileges as VS Code itself, so it can read and write anything your user account can, including project `.env` files, and access your SSH keys. This isn't hypothetical. Extensions with millions of installs have been caught doing exactly these things.

Here's what a 60-second review actually looks like:

## Check the publisher, not the display name

Anyone can publish to the VS Code Marketplace. The publisher ID (the part before the dot in the extension identifier, `publisher.extension-name`) is the only stable identifier; the display name can be anything, and typosquatting is real. A "verified" badge only means the publisher proved control of a domain, not that anyone reviewed the code. A generic-looking publisher ID with no history behind it, something like `devtools-pro-2024`, is worth extra scrutiny.

## Check when it was last maintained

An extension that hasn't been touched in 2+ years is a supply chain risk waiting to happen. Old dependencies, unmaintained code, and abandoned repos are exactly how attackers get in, either by compromising the account or injecting into a dependency.

Look at the "Last Updated" date on the Marketplace listing. Then open the GitHub repo (if it exists) and check the actual commit history. Sometimes the Marketplace listing shows a recent publish date that just reflects an automated re-publish, not real maintenance.

## Check `package.json` before installing

Every extension declares how it hooks into the editor in its `package.json`. You can find this in the source repo, or in the unpacked extension itself. Keep in mind that VS Code has no real permission model: the manifest tells you when the extension wakes up and what it contributes, not what it is allowed to touch, because it is allowed to touch everything your user account can. Look for:

- `activationEvents`: when does this extension activate? `*` means it activates as soon as VS Code starts, before you open a file or run a command (`onStartupFinished` is the same idea, a moment later). Since VS Code 1.74 every command under `contributes.commands` is an implicit `onCommand:` activation event, so an empty `activationEvents` list does not mean the extension never runs.
- `contributes.commands`: what commands does it register, and do their names match what the extension claims to do?

An extension that activates on `*` and makes network calls is doing something the moment you open VS Code, before you've even used it.

## Look at where the network calls go

This takes 2 minutes if there's a public repo. Clone it or browse it on GitHub and look for:

```
fetch(
axios
http.request
https.request
xhr
WebSocket
```

Are those calls going to localhost, or to an external server? What data is in the request body? A linter that phones home is a red flag. A language server that connects to a known service is expected. One caveat: the GitHub repo is not necessarily what the Marketplace ships. The `.vsix` you install is a zip archive with the built code under `extension/`, so if the repo and the listing disagree (different version, bundled or minified output you can't map back to the source), inspect the unpacked copy under `~/.vscode/extensions/` rather than trusting the repo.

## Check the dependencies

The extension's own code might be clean. Its dependencies might not be. Look at the `dependencies` block of the `package.json` for third-party packages (`devDependencies` are normally not packaged into the `.vsix`), then check them against known vulnerability databases; in a cloned repo with a lockfile, `npm audit` does this in one command. A single compromised npm package can turn a legitimate extension malicious overnight; this is exactly how supply chain attacks work.

This is tedious to do manually. Tools like [VSCan](https://vscan.dev) automate it — paste in an extension ID and get a report on permissions, dependency vulnerabilities, and behavioral flags in seconds.

Not all of these are disqualifying, but each one deserves a second look:

Some of the most dangerous extensions are the popular ones, because they're the ones attackers target. If you have any of these installed, it's worth running a quick check:

## Audit what is already installed

Before installing any new extension, take stock of what already runs in your editor:

```
# List all installed extensions with the exact version of each
code --list-extensions --show-versions

# Remove anything you don't recognize (the id is publisher.name)
code --uninstall-extension publisher.extension-name
```

For anything you don't recognize or haven't used recently: uninstall first, reinstall if you actually need it.
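The manual checks from the sections above (activation events, contributed commands, network-call tokens and the hosts next to them, declared dependencies) and the inventory of what is already installed can be scripted together. The following is an added example written for this page; it is not code from the post or from VSCan. It assumes the default install location `~/.vscode/extensions` with one folder per extension named `publisher.name-version`, and it can equally be pointed at a cloned repo or at the `extension/` folder of an unzipped `.vsix`. Any host names in the comments are made up for illustration.

```python
"""Static triage of a VS Code extension folder (added example, not the post's code)."""
import json
import re
from pathlib import Path

# The same tokens the post suggests grepping for.
NETWORK_PATTERN = re.compile(r"\b(?:fetch\(|axios|https?\.request|XMLHttpRequest|xhr|WebSocket)")
# URL string literals, so each hit can be sorted into local vs external.
URL_PATTERN = re.compile(r"""['"`]((?:https?|wss?)://[^'"`\s]+)""")
# Activation events that fire without any user action.
EAGER_ACTIVATION = {"*", "onStartupFinished"}
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1", "0.0.0.0"}


def is_local(url: str) -> bool:
    """True if the URL points at this machine (e.g. a language server on localhost)."""
    host = url.split("://", 1)[1].split("/", 1)[0].rsplit(":", 1)[0].strip("[]")
    return host in LOCAL_HOSTS


def audit_extension(ext_dir) -> dict:
    """Run the package.json and source checks over one extension folder."""
    ext_dir = Path(ext_dir)
    manifest = json.loads((ext_dir / "package.json").read_text(encoding="utf-8"))
    activation = manifest.get("activationEvents", [])
    commands = [c.get("command") for c in manifest.get("contributes", {}).get("commands", [])]
    dependencies = sorted(manifest.get("dependencies", {}))

    network_hits, urls = [], set()
    for js in sorted(ext_dir.rglob("*.js")):
        if "node_modules" in js.parts:  # third-party code: review it via the dependency list
            continue
        rel = str(js.relative_to(ext_dir))
        text = js.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), 1):
            if NETWORK_PATTERN.search(line):
                network_hits.append((rel, lineno, line.strip()))
            urls.update(URL_PATTERN.findall(line))
    local_urls = sorted(u for u in urls if is_local(u))
    external_urls = sorted(u for u in urls if not is_local(u))

    flags = []
    eager = bool(EAGER_ACTIVATION & set(activation))
    if eager:
        flags.append("activates at startup")
    if external_urls:
        flags.append("references external hosts")
    if eager and network_hits:
        flags.append("startup activation combined with network code")
    # Since VS Code 1.74 every contributed command is an implicit activation
    # event, so an empty activationEvents list is not "never runs".
    if not activation and commands:
        flags.append("activates implicitly via its commands")

    return {
        "id": f"{manifest.get('publisher', '?')}.{manifest.get('name', '?')}",
        "activation": activation, "commands": commands, "dependencies": dependencies,
        "network_hits": network_hits, "local_urls": local_urls,
        "external_urls": external_urls, "flags": flags,
    }


def audit_installed(root=None) -> dict:
    """Map each installed extension id to its flags.

    Assumes stable VS Code's default layout: ~/.vscode/extensions/<publisher>.<name>-<version>/.
    """
    root = Path(root) if root else Path.home() / ".vscode" / "extensions"
    results = {}
    for ext_dir in sorted(root.iterdir()):
        if (ext_dir / "package.json").is_file():
            report = audit_extension(ext_dir)
            results[report["id"]] = report["flags"]
    return results


if __name__ == "__main__":
    import sys
    if sys.argv[1:]:  # audit the given folders (cloned repo, unzipped .vsix, ...)
        for target in sys.argv[1:]:
            print(json.dumps(audit_extension(target), indent=2))
    else:  # no arguments: walk everything already installed
        for ext_id, ext_flags in audit_installed().items():
            print(f"{ext_id}: {', '.join(ext_flags) or 'nothing flagged'}")
```

Run it with no arguments to get one line per installed extension, or pass a folder to get the full report, including file and line number for every network-call token. A flag is a prompt to read that code, not a verdict: a language server that opens a WebSocket to localhost at startup will trip "activates at startup" and is perfectly normal, while a theme that references an external host has no business doing so.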

A year ago, the threat model for developer tools was mostly theoretical. It's not anymore.

We've seen self-propagating worms targeting VS Code extensions. We've seen extensions with millions of downloads caught harvesting credentials. Microsoft's own telemetry has flagged thousands of extensions with suspicious behaviors.

The attack surface is your entire development environment — your code, your credentials, your git history, your cloud provider tokens. Developers are high-value targets precisely because of what they have access to.

The VS Code Marketplace is not curated the way the iOS App Store is. It's closer to npm: anyone can publish, automated scanning catches some things but not everything, and you're largely responsible for what you run.

That's not a reason to avoid extensions. It's a reason to take 60 seconds before you click Install.

*Check your extensions at vscan.dev*
