AI-powered IDEs like Cursor and Windsurf recommend extensions not available in OpenVSX, creating a vulnerability for malicious actors to exploit. Threat actors can claim unclaimed namespaces and upload malicious extensions, posing security risks. #OpenVSX #ExtensionNamespaces
Keypoints
- Popular AI-based IDEs are forked from Microsoft VSCode but cannot use the official extension store due to licensing issues.
- These IDEs support an open-source marketplace called OpenVSX, which is less regulated than the official store.
- Some recommended extensions are missing in OpenVSX, leaving namespaces unclaimed and vulnerable to malicious registration.
- Researchers from Koi Security identified this issue and took measures to block potential supply-chain attacks with placeholder extensions.
- Users are advised to manually verify extension sources from reputable publishers to avoid security threats.