Hey all, after working with a few organizations we got a working JumpCloud script to automate VSCode extensions risk using ExtensionTotal. Adding the script here if you'd like to use it! Works on MacOS clients -
#!/bin/bash
loggedInUser=$(stat -f "%Su" /dev/console)
codePath="/Applications/Visual Studio Code.app/Contents/Resources/app/bin/code"
codeExtensions=$(sudo -u "$loggedInUser" "$codePath" --list-extensions)
jsonResult="{\"extensions\":["
while IFS= read -r line || [[ -n $line ]]; do
content=$(curl -s --location 'https://app.extensiontotal.com/api/getExtensionRisk' \
--header 'Content-Type: application/json' \
--header 'Cookie: SameSite=None' \
--header 'x-api-key: <YOUR_API_KEY>' \
--data "{
\"q\": \"$line\"
}")
jsonResult+="$content,"
done < <(printf '%s' "$codeExtensions")
jsonResult=${jsonResult%,}
jsonResult+="]}"
echo "$jsonResult"
For an API key, visit ExtensionTotal.com
