Why BrowserTotal Extension Scanner?
Real Browser Analysis - Unlike static analysis tools, BrowserTotal launches a real browser instance to analyze extensions exactly as they would execute in a user's environment. This catches threats that only activate in actual browser contexts.
Dynamic Behavior Tracing - Every network request, DOM manipulation, cookie access, and API call is traced and recorded. See what extensions actually do, not just what their code looks like.
AI-Powered Threat Detection - Combines runtime behavior analysis with LLM-powered code review to identify obfuscated malware, data exfiltration, and sophisticated supply chain attacks.
Automatic Protection - Scans run automatically on startup with intelligent 7-day caching. Get notified immediately when risky extensions are detected.
Features
- Automatic Scanning - Scans all installed extensions on startup (respects cache)
- 7-Day Caching - Results are cached locally to avoid redundant scans
- Risk Classification - Extensions are categorized as Safe, Suspicious, Malicious, or Unknown
- Detailed Reports - View risk scores, threats, and permissions for each extension
- Real-time Notifications - Alerts when malicious or suspicious extensions are detected
UI Overview
Activity Bar
Click the BrowserTotal icon in the activity bar to open the extension panel.
Extensions Tree View
Shows all installed extensions grouped by security status:
- Malicious - High-risk extensions that may contain malware
- Suspicious - Extensions with potentially risky behavior
- Unknown - Extensions that couldn't be classified
- Scan Errors - Extensions that failed to scan
- Not Scanned - Extensions pending scan
- Safe - Verified safe extensions
Summary Panel
Dashboard showing:
- Total scanned extensions
- Breakdown by status (safe/suspicious/malicious)
- Overall safety score
- Cache status and last scan date
- Quick action buttons
Extension Details
Click any scanned extension to view:
- Risk score and status
- Detected threats with severity levels
- Requested permissions
- Link to full BrowserTotal report
Commands
| Command |
Description |
BrowserTotal: Scan Installed Extensions |
Scan all installed extensions |
BrowserTotal: Scan Extension |
Scan a single extension |
BrowserTotal: Clear Scan Cache |
Clear all cached results |
BrowserTotal: Show Last Scan Report |
View the last scan report as markdown |
BrowserTotal: Refresh |
Refresh the extensions view |
Settings
| Setting |
Default |
Description |
browsertotal.autoScanOnStartup |
true |
Automatically scan on VS Code startup |
browsertotal.cacheDurationDays |
7 |
Days to cache scan results (1-30) |
browsertotal.notifyOnSuspicious |
true |
Show notification for suspicious extensions |
browsertotal.notifyOnMalicious |
true |
Show notification for malicious extensions |
browsertotal.excludeBuiltIn |
true |
Exclude built-in VS Code extensions |
How It Works
- The extension uses BrowserTotal to analyze each installed extension
- Results include a risk score, threat analysis, and permission review
- Scan results are cached locally for the configured duration (default: 7 days)
- When the cache expires or a new extension is installed, it will be scanned automatically
Requirements
- VS Code 1.80.0 or higher
- Internet connection for scanning
Privacy
Extension IDs are sent to BrowserTotal for analysis. No personal data or extension source code is transmitted. See BrowserTotal Privacy Policy for details.
License
MIT
Links
