Koidex is a security tool that answers one critical question fast: "Is this safe to install?" It searches extensions, code packages, and AI models across VS Code, JetBrains, npm, and Hugging Face. You can also install the Koidex IDE extension for real-time background scanning in Cursor and Windsurf. Free, with no setup required.
Koidex checks extensions, packages, and AI models from VS Code, JetBrains, npm, and Hugging Face. The IDE extension runs background scans in Cursor and Windsurf, catching threats before they affect your work.
Instead of guessing based on labels, Koidex analyzes what software is actually made of. It performs extensive, agentic risk analysis that sees past superficial descriptions to real composition and behavior.
Koidex has uncovered serious flaws, including a fail-open bug in Open VSX's pre-publish scanning pipeline that let malicious extensions go live marked as PASSED. It also found a vulnerability in Claude's Chrome Extension where any website could silently inject prompts into AI-powered browser sessions.
Track and manage every piece of software the moment it enters your ecosystem. Koidex gives you visibility into what your team relies on, from extensions to packages to apps and models.
"We don't guess, we analyze what software is actually made of."
Koidex doesn't rely on reputation scores or user reviews. It performs deep, agentic analysis that reveals real composition and behavior, catching threats that other tools miss. This approach has already led to the discovery of critical vulnerabilities in major platforms like Open VSX and Claude's Chrome Extension.
You work with extensions, packages, or AI models and want a free, no-setup way to verify safety before installing. Koidex is especially useful if you use Cursor, Windsurf, VS Code, JetBrains, npm, or Hugging Face and need real-time background scanning without interrupting your workflow.
Other tools you might consider
Loading comments…
Maker
moonbyte
Visit Website
dex.koi.security
Project Info
Product Keywords
