This extension provides automatic reporting of security concerns from Socket Security. The features of this extension aim to provide guidance through all stages of development.
-
Package imports in JavaScript and Python are detected and given summary scores to show concerns with configurable overlays. These overlays will persist even after package installation.
-
Socket detects multiple alternate forms of package imports, including dynamic
import()orrequirein JavaScript orimportlib.import_modulein Python.
- This will automatically register the socket MCP server at https://mcp.socket.dev to allow usage of the public MCP server.
If you are in charge of a team you may wish to setup this up as a recommended extension or other organization level settings. Please refer to our docs.