
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX


These articles are AI-generated summaries. Please check the original sources for full details.


Popular VS Code forks like Cursor and Antigravity were found to suggest extensions not present in the Open VSX registry, creating a potential supply chain vulnerability. This issue stems from inheriting recommendations from Microsoft’s marketplace without verifying their availability in Open VSX, allowing malicious actors to claim those namespaces.

Why This Matters

Current software development relies heavily on extensions to streamline workflows, but this introduces risk. The ideal model assumes a trusted registry; however, the Open VSX registry allowed unclaimed namespaces, creating an opportunity for malicious packages. Koi’s placeholder PostgreSQL extension received 500 installs, demonstrating the potential scale of compromise and highlighting the financial risk associated with data breaches stemming from compromised developer environments.

Key Insights

  • Open VSX Namespace Claiming: Unclaimed extension namespaces in Open VSX allowed attackers to publish malicious packages.
  • AI-Driven Recommendations: AI-powered IDEs, inheriting recommendations from Microsoft, exacerbated the issue by suggesting non-existent extensions.
  • Developer Trust: Developers readily install recommended extensions, as evidenced by the 500+ installs of Koi’s placeholder extension, indicating a reliance on IDE suggestions.

Working Example

(No code provided in context)

Practical Applications

  • Security Audits: Companies using VS Code forks should audit extension recommendations against the Open VSX registry.
  • Pitfall: Blindly trusting IDE extension recommendations can lead to the installation of malicious software, resulting in data theft or system compromise.
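The audit described above, as an added example that is not part of the original article or of any of the tools it names: the script reads a workspace's `.vscode/extensions.json`, splits each recommended ID into its Open VSX namespace and extension name, and reports which recommendations resolve in the registry and which do not (the ones an attacker could claim). The live lookup uses the public Open VSX REST endpoint `GET /api/{namespace}/{extension}`, which returns 404 for an unknown extension; the sample recommendations file and the offline stand-in registry are constructed for the example, and the publisher and extension names in them are placeholders, not real packages.

```python
"""Audit VS Code workspace extension recommendations against Open VSX.

Added example: checks each recommended extension ID in extensions.json
against the Open VSX registry and flags IDs that do not resolve there.
"""
import json
import urllib.error
import urllib.request

OPEN_VSX_API = "https://open-vsx.org/api"


def parse_recommendations(extensions_json: str) -> list[str]:
    """Return the recommended extension IDs from an extensions.json document.

    VS Code accepts '//' line comments in this file, so lines that consist
    only of a comment are dropped before parsing (partial JSONC handling).
    """
    cleaned = "\n".join(
        line for line in extensions_json.splitlines()
        if not line.strip().startswith("//")
    )
    data = json.loads(cleaned)
    recs = data.get("recommendations", [])
    return [r.strip() for r in recs if isinstance(r, str)]


def split_extension_id(ext_id: str) -> tuple[str, str]:
    """Split 'namespace.extension' into its two parts; reject malformed IDs."""
    namespace, sep, name = ext_id.partition(".")
    if not sep or not namespace or not name:
        raise ValueError(f"malformed extension id: {ext_id!r}")
    return namespace, name


def open_vsx_lookup(namespace: str, name: str, timeout: float = 10.0) -> bool:
    """Live registry check: True if Open VSX serves metadata for the extension.

    GET /api/{namespace}/{extension} returns 200 with JSON for a published
    extension and 404 when the extension (or namespace) does not exist.
    """
    url = f"{OPEN_VSX_API}/{namespace}/{name}"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status == 200
    except urllib.error.HTTPError as exc:
        if exc.code == 404:
            return False
        raise  # rate limiting or server errors should surface, not be treated as "missing"


def audit(extensions_json: str, lookup=open_vsx_lookup) -> dict[str, list[str]]:
    """Classify every recommendation as present in, or missing from, Open VSX.

    `lookup` is injectable so the audit can run offline against a stand-in
    registry; by default it queries the live Open VSX API.
    """
    report: dict[str, list[str]] = {"present": [], "missing": [], "malformed": []}
    for ext_id in parse_recommendations(extensions_json):
        try:
            namespace, name = split_extension_id(ext_id)
        except ValueError:
            report["malformed"].append(ext_id)
            continue
        bucket = "present" if lookup(namespace, name) else "missing"
        report[bucket].append(ext_id)
    return report


# --- constructed sample input (placeholder names, not real extensions) ---
SAMPLE_EXTENSIONS_JSON = """{
  // workspace recommendations (constructed sample)
  "recommendations": [
    "publisher-a.present-ext",
    "publisher-b.missing-ext",
    "badid"
  ]
}"""

# Constructed stand-in for the registry: only one of the sample IDs "exists".
CONSTRUCTED_REGISTRY = {("publisher-a", "present-ext")}


def offline_lookup(namespace: str, name: str) -> bool:
    """Offline replacement for open_vsx_lookup using the constructed registry."""
    return (namespace, name) in CONSTRUCTED_REGISTRY


def format_report(report: dict[str, list[str]]) -> str:
    """Render the audit result; 'missing' IDs are the claimable namespaces."""
    lines = []
    for bucket in ("missing", "malformed", "present"):
        for ext_id in report[bucket]:
            lines.append(f"{bucket.upper():<9} {ext_id}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Run against the constructed sample; swap in open_vsx_lookup (the
    # default) and a real .vscode/extensions.json to audit a workspace.
    print(format_report(audit(SAMPLE_EXTENSIONS_JSON, lookup=offline_lookup)))
```

Anything in the `missing` bucket deserves attention before a developer accepts the IDE's prompt: a recommendation that does not resolve in Open VSX is exactly the namespace a third party could register. Network errors other than 404 are deliberately re-raised rather than counted as "missing", so a transient registry outage does not produce a falsely alarming report.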
