VirusTotal Partners with Knostic to Add AI-Powered Security Analysis for VS Code Extensions
Key Takeaways
- ▸VirusTotal integrates Knostic's AgentMesh technology to provide AI-powered security analysis of VS Code extensions (.VSIX files)
- ▸AgentMesh assigns clear verdicts (BENIGN, SUSPICIOUS, MALICIOUS) and risk levels (SAFE, MEDIUM, CRITICAL) to help identify malicious extensions and supply-chain threats
- ▸Security analysts can search and filter Knostic analysis results in VirusTotal Intelligence using new specialized search operators
Summary
VirusTotal has announced a partnership with Knostic, integrating the latter's AgentMesh Agentic Security Supply Chain Reputation Engine into VirusTotal's Crowdsourced AI lineup. The integration specifically targets Visual Studio Code extensions (.VSIX files), providing developers and security teams with AI-driven analysis to detect supply-chain threats and malicious extensions before installation.
Knostic's AgentMesh analyzes VS Code extensions and assigns clear security verdicts (BENIGN, SUSPICIOUS, or MALICIOUS) along with risk levels (SAFE, MEDIUM, or CRITICAL). The solution provides independent assessment of extension files to identify both critical vulnerabilities and deliberate backdoor behaviors. Security analysts can search and filter analysis results in VirusTotal Intelligence using new specialized operators like knostic_ai_verdict and knostic_ai_analysis.
The partnership addresses a critical security gap as VS Code extensions have become central to modern development workflows but increasingly attractive targets for supply-chain attacks. Malicious actors have been caught publishing seemingly benign extensions that secretly download payloads, perform remote code execution, steal credentials, or exfiltrate proprietary source code and sensitive environment variables.
- The partnership addresses rising security risks as VS Code extensions become central to development workflows and increasingly targeted for supply-chain attacks
