vscode-extension-webview
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and code examples for VSCode Webview development. It follows official Microsoft guidelines and explicitly highlights security best practices including Content Security Policy (CSP) configuration, resource isolation using
localResourceRoots, and input sanitization to prevent cross-site scripting (XSS). No malicious patterns, data exfiltration, or unauthorized command executions were found.
Audit Metadata