@cyclonedx/cdxgen 12.1.5 → 12.2.1

package/data/rules/ci-permissions.yaml

@@ -0,0 +1,186 @@
+# CI/CD Permission Security Rules
+# Category: ci-permission
+# Evaluates GitHub Actions, GitLab CI, Azure Pipelines, etc. for privilege risks
+
+- id: CI-001
+  name: "Unpinned action in write-permission workflow"
+  description: "GitHub Actions referenced by tag/branch in workflows with write permissions pose supply chain risk"
+  severity: high
+  category: ci-permission
+  condition: |
+    components[
+      $prop($, 'cdx:github:action:isShaPinned') = 'false'
+      and (
+        $prop($, 'cdx:github:workflow:hasWritePermissions') = 'true'
+        or $prop($, 'cdx:github:job:hasWritePermissions') = 'true'
+      )
+    ]
+  location: |
+    {
+      "bomRef": $."bom-ref",
+      "purl": purl,
+      "file": $prop($, 'cdx:github:workflow:file')
+    }
+  message: "Unpinned GitHub Action '{{ $prop($, 'cdx:github:action:uses') }}' in workflow with write permissions"
+  mitigation: "Pin action to full SHA: actions/setup-node@abc123def456..."
+  evidence: |
+    {
+      "pinningType": $prop($, 'cdx:github:action:versionPinningType'),
+      "workflowTriggers": $prop($, 'cdx:github:workflow:triggers'),
+      "jobName": $prop($, 'cdx:github:job:name')
+    }
+- id: CI-002
+  name: "OIDC token issuance to non-official action"
+  description: "Workflows granting id-token:write to third-party actions may enable token exfiltration"
+  severity: high
+  category: ci-permission
+  condition: |
+    components[
+      $prop($, 'cdx:github:workflow:hasIdTokenWrite') = 'true'
+      and $prop($, 'cdx:actions:isOfficial') = 'false'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Workflow grants OIDC token access to non-official action '{{ $prop($, 'cdx:github:action:uses') }}'"
+  mitigation: "Restrict id-token scope or use only verified/official actions for OIDC operations"
+  evidence: |
+    {
+      "isVerified": $prop($, 'cdx:actions:isVerified'),
+      "actionGroup": group
+    }
+- id: CI-003
+  name: "Action pinned to mutable tag"
+  description: "GitHub Actions pinned to tags (vs SHA) can change behavior unexpectedly if tag is moved"
+  severity: medium
+  category: ci-permission
+  condition: |
+    components[
+      $prop($, 'cdx:github:action:versionPinningType') = 'tag'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "GitHub Action '{{ $prop($, 'cdx:github:action:uses') }}' pinned to mutable tag (not SHA)"
+  mitigation: "Consider pinning to full commit SHA for immutability: actions/setup-node@<full-sha>"
+  evidence: |
+    {
+      "currentVersion": version,
+      "isOfficial": $prop($, 'cdx:actions:isOfficial')
+    }
+- id: CI-004
+  name: "Workflow uses pull_request_target trigger"
+  description: "pull_request_target can execute code in the context of the base branch, risking secret exposure"
+  severity: medium
+  category: ci-permission
+  # Check workflows (not components) for this trigger pattern
+  condition: |
+    formulation.workflows[
+      $hasProp($, 'cdx:github:workflow:triggers')
+      and $nullSafeProp($, 'cdx:github:workflow:triggers') ~> $trim() ~> $contains('pull_request_target')
+    ]
+  location: |
+    {
+      "bomRef": $."bom-ref",
+      "file": $prop($, 'cdx:github:workflow:file')
+    }
+  message: "Workflow '{{ $prop($, 'cdx:github:workflow:name') }}' uses pull_request_target trigger"
+  mitigation: "Ensure workflow does not checkout or run code from the PR head; use pull_request with careful permissions"
+  evidence: |
+    {
+      "triggers": $prop($, 'cdx:github:workflow:triggers'),
+      "hasWritePermissions": $prop($, 'cdx:github:workflow:hasWritePermissions')
+    }
+- id: CI-005
+  name: "Checkout step persists credentials unnecessarily"
+  description: "actions/checkout with persist-credentials=true (default) exposes GITHUB_TOKEN to subsequent steps"
+  severity: medium
+  category: ci-permission
+  condition: |
+    components[
+      $contains($nullSafeProp($, 'cdx:github:action:uses'), 'actions/checkout')
+      and $propBool($, 'cdx:github:checkout:persistCredentials') != false
+      and (
+        $propBool($, 'cdx:github:workflow:hasWritePermissions') = true
+        or $propBool($, 'cdx:github:job:hasWritePermissions') = true
+      )
+    ]
+  location: |
+    {
+      "bomRef": $."bom-ref",
+      "purl": purl,
+      "file": $prop($, 'cdx:github:workflow:file')
+    }
+  message: "Checkout step uses persist-credentials=true in privileged workflow; consider persist-credentials: false;"
+  mitigation: "Add persist-credentials: false to checkout steps that don't require git push operations"
+  evidence: |
+    {
+      "persistCredentials": $prop($, 'cdx:github:checkout:persistCredentials'),
+      "workflowPermissions": $prop($, 'cdx:github:workflow:hasWritePermissions')
+    }
+- id: CI-006
+  name: "Cache usage in untrusted trigger context"
+  description: "GitHub Actions cache can be poisoned when used in workflows triggered by untrusted input (e.g., pull_request from forks)"
+  severity: high
+  category: ci-permission
+  condition: |
+    components[
+      $nullSafeProp($, 'cdx:github:action:uses') ~> $contains('actions/cache')
+      and $nullSafeProp($, 'cdx:github:workflow:triggers') ~> $contains('pull_request')
+    ]
+  location: |
+    {
+      "bomRef": $."bom-ref",
+      "purl": purl,
+      "file": $prop($, 'cdx:github:workflow:file')
+    }
+  message: "Cache action used in pull_request-triggered workflow; cache key '{{ $prop($, 'cdx:github:cache:key') }}' may be writable by untrusted code"
+  mitigation: "Scope cache keys to PR-specific values, validate restored cache contents, or avoid caching in untrusted workflows"
+  evidence: |
+    {
+      "cacheKey": $prop($, 'cdx:github:cache:key'),
+      "cachePath": $prop($, 'cdx:github:cache:path'),
+      "triggers": $prop($, 'cdx:github:workflow:triggers')
+    }
+- id: CI-007
+  name: "Script injection via untrusted context interpolation"
+  description: "Direct interpolation of github.event.* or inputs.* into run: blocks enables command injection"
+  severity: critical
+  category: ci-permission
+  condition: |
+    formulation.components[
+      $prop($, 'cdx:github:step:hasUntrustedInterpolation') = 'true'
+      and $prop($, 'cdx:github:step:type') = 'run'
+    ]
+  location: |
+    {
+      "bomRef": $."bom-ref",
+      "file": $prop($, 'cdx:github:workflow:file')
+    }
+  message: "Untrusted input interpolated into shell command: variables '{{ $prop($, 'cdx:github:step:interpolatedVars') }}'"
+  mitigation: "Use intermediate environment variables: env: TITLE: ${{ github.event.pull_request.title }} then reference $TITLE in run:"
+  evidence: |
+    {
+      "interpolatedVars": $prop($, 'cdx:github:step:interpolatedVars'),
+      "stepCommand": $prop($, 'cdx:github:step:command')
+    }
+- id: CI-008
+  name: "High-risk trigger with write permissions"
+  description: "Triggers like pull_request_target, issue_comment, or workflow_run combined with write permissions enable privilege escalation"
+  severity: high
+  category: ci-permission
+  condition: |
+    formulation.workflows[
+      $prop($, 'cdx:github:workflow:hasHighRiskTrigger') = 'true'
+      and $prop($, 'cdx:github:workflow:hasWritePermissions') = 'true'
+    ]
+  location: |
+    {
+      "bomRef": $."bom-ref",
+      "file": $prop($, 'cdx:github:workflow:file')
+    }
+  message: "Workflow '{{ $prop($, 'cdx:github:workflow:name') }}' uses high-risk trigger with write permissions"
+  mitigation: "Use pull_request instead of pull_request_target; require manual approval for issue_comment triggers; restrict permissions per job"
+  evidence: |
+    {
+      "triggers": $prop($, 'cdx:github:workflow:triggers'),
+      "hasWritePermissions": $prop($, 'cdx:github:workflow:hasWritePermissions')
+    }

package/data/rules/dependency-sources.yaml

@@ -0,0 +1,123 @@
+# Dependency Source Integrity Rules
+# Category: dependency-source
+# Evaluates package manager data for non-registry, local, or mutable sources
+- id: PKG-001
+  name: "Install script from non-registry source"
+  description: "npm packages with install scripts from git/file/local sources increase supply chain attack surface"
+  severity: high
+  category: dependency-source
+  condition: |
+    components[
+      $prop($, 'cdx:npm:hasInstallScript') = 'true'
+      and $prop($, 'cdx:npm:isRegistryDependency') = 'false'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "npm package '{{ name }}@{{ version }}' executes install script from non-registry source"
+  mitigation: "Avoid git/file dependencies with lifecycle hooks; use registry dependencies or vendor explicitly"
+  evidence: |
+    {
+      "riskyScripts": $prop($, 'cdx:npm:risky_scripts'),
+      "resolvedPath": $prop($, 'cdx:npm:resolvedPath'),
+      "isLink": $prop($, 'cdx:npm:isLink')
+    }
+- id: PKG-002
+  name: "Go module uses local replacement"
+  description: "Go modules with local_dir replacements are non-hermetic and may not be reproducible"
+  severity: high
+  category: dependency-source
+  condition: |
+    components[
+      $hasProp($, 'cdx:go:local_dir')
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Go module '{{ name }}' uses local replacement: {{ $prop($, 'cdx:go:local_dir') }}"
+  mitigation: "Use published module versions or vendor dependencies explicitly for reproducible builds"
+  evidence: |
+    {
+      "localDir": $prop($, 'cdx:go:local_dir'),
+      "toolchain": $prop($, 'cdx:go:toolchain')
+    }
+- id: PKG-003
+  name: "Swift local checkout in build"
+  description: "Swift packages with localCheckoutPath indicate developer-only dependencies not suitable for release"
+  severity: high
+  category: dependency-source
+  condition: |
+    components[
+      $hasProp($, 'cdx:swift:localCheckoutPath')
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Swift package '{{ name }}' uses local checkout: {{ $prop($, 'cdx:swift:localCheckoutPath') }}"
+  mitigation: "Use remote package references (URL or registry) for release artifacts"
+  evidence: |
+    {
+      "checkoutPath": $prop($, 'cdx:swift:localCheckoutPath'),
+      "packageName": $prop($, 'cdx:swift:packageName')
+    }
+- id: PKG-004
+  name: "Nix flake missing reproducibility metadata"
+  description: "Nix dependencies without revision or nar_hash cannot be verified for content integrity"
+  severity: high
+  category: dependency-source
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:nix/')
+      and (
+        $prop($, 'cdx:nix:revision') = null
+        or $prop($, 'cdx:nix:nar_hash') = null
+      )
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Nix package '{{ name }}' missing reproducibility metadata (revision or nar_hash)"
+  mitigation: "Ensure flake.lock includes both revision and nar_hash for content-addressed reproducibility"
+  evidence: |
+    {
+      "inputUrl": $prop($, 'cdx:nix:input_url'),
+      "ref": $prop($, 'cdx:nix:ref'),
+      "hasRevision": $hasProp($, 'cdx:nix:revision'),
+      "hasNarHash": $hasProp($, 'cdx:nix:nar_hash')
+    }
+- id: PKG-005
+  name: "Ruby gem tracks mutable branch"
+  description: "Ruby gems sourced from git branches (without revision pin) can change unexpectedly"
+  severity: medium
+  category: dependency-source
+  condition: |
+    components[
+      $hasProp($, 'cdx:gem:remoteBranch')
+      and $hasProp($, 'cdx:gem:remoteRevision')
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Ruby gem '{{ name }}' tracks mutable branch '{{ $prop($, 'cdx:gem:remoteBranch') }}' without commit pin"
+  mitigation: "Pin to specific revision: gem 'foo', git: '...', ref: '<commit-sha>'"
+  evidence: |
+    {
+      "remote": $prop($, 'cdx:gem:remote'),
+      "branch": $prop($, 'cdx:gem:remoteBranch'),
+      "tag": $prop($, 'cdx:gem:remoteTag')
+    }
+- id: PKG-006
+  name: "Python dependency from non-approved registry"
+  description: "PyPI packages from unapproved registries may introduce unvetted code"
+  severity: low
+  category: dependency-source
+  condition: |
+    components[
+      $hasProp($, 'cdx:pypi:registry')
+      and $prop($, 'cdx:pypi:registry') != 'https://pypi.org/simple'
+      and $prop($, 'cdx:pypi:registry') != 'https://pypi.org'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Python package '{{ name }}' sourced from non-default registry: {{ $prop($, 'cdx:pypi:registry') }}"
+  mitigation: "Verify registry trustworthiness"
+  evidence: |
+    {
+      "registry": $prop($, 'cdx:pypi:registry'),
+      "resolvedFrom": $prop($, 'cdx:pypi:resolved_from')
+    }

package/data/rules/package-integrity.yaml

@@ -0,0 +1,135 @@
+# Package Integrity and Lifecycle Rules
+# Category: package-integrity
+# Detects deprecated, yanked, or tampered packages and suspicious metadata
+
+- id: INT-001
+  name: "npm package with install script"
+  description: "npm packages with lifecycle hooks (preinstall, postinstall, etc.) execute arbitrary code during installation"
+  severity: medium
+  category: package-integrity
+  condition: |
+    components[
+      $prop($, 'cdx:npm:hasInstallScript') = 'true'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "npm package '{{ name }}@{{ version }}' has install-time execution hooks"
+  mitigation: "Review install scripts before use. Consider using --ignore-scripts or an allowlist-based approach"
+  evidence: |
+    {
+      "riskyScripts": $prop($, 'cdx:npm:risky_scripts'),
+      "isRegistryDependency": $prop($, 'cdx:npm:isRegistryDependency')
+    }
+
+- id: INT-002
+  name: "npm package name or version mismatch"
+  description: "Detected mismatch between expected and resolved package name or version, which may indicate dependency confusion or tampering"
+  severity: high
+  category: package-integrity
+  condition: |
+    components[
+      $hasProp($, 'cdx:npm:nameMismatchError')
+      or $hasProp($, 'cdx:npm:versionMismatchError')
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "npm package '{{ name }}@{{ version }}' has a name or version mismatch"
+  mitigation: "Investigate the mismatch immediately. This may indicate dependency confusion, registry tampering, or a corrupted lockfile"
+  evidence: |
+    {
+      "nameMismatch": $prop($, 'cdx:npm:nameMismatchError'),
+      "versionMismatch": $prop($, 'cdx:npm:versionMismatchError')
+    }
+
+- id: INT-003
+  name: "Deprecated Go module"
+  description: "Go modules marked as deprecated may contain known issues or be abandoned"
+  severity: medium
+  category: package-integrity
+  condition: |
+    components[
+      $hasProp($, 'cdx:go:deprecated')
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Go module '{{ name }}' is deprecated: {{ $prop($, 'cdx:go:deprecated') }}"
+  mitigation: "Migrate to the recommended replacement module or assess continued usage risk"
+  evidence: |
+    {
+      "deprecationNotice": $prop($, 'cdx:go:deprecated'),
+      "isIndirect": $prop($, 'cdx:go:indirect')
+    }
+
+- id: INT-004
+  name: "Yanked Ruby gem in dependency tree"
+  description: "Yanked gems have been removed from RubyGems, typically due to security issues or critical bugs"
+  severity: high
+  category: package-integrity
+  condition: |
+    components[
+      $prop($, 'cdx:gem:yanked') = 'true'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Ruby gem '{{ name }}@{{ version }}' has been yanked from RubyGems"
+  mitigation: "Update to a non-yanked version immediately. Yanked gems are typically removed due to security or correctness issues"
+  evidence: |
+    {
+      "platform": $prop($, 'cdx:gem:platform'),
+      "isPrerelease": $prop($, 'cdx:gem:prerelease')
+    }
+
+- id: INT-005
+  name: "npm deprecated package"
+  description: "npm packages marked as deprecated may have known vulnerabilities or unmaintained code"
+  severity: low
+  category: package-integrity
+  condition: |
+    components[
+      $prop($, 'cdx:npm:deprecated') = 'true'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "npm package '{{ name }}@{{ version }}' is deprecated: {{ $prop($, 'cdx:npm:deprecation_notice') }}"
+  mitigation: "Migrate to a maintained alternative package"
+  evidence: |
+    {
+      "deprecationNotice": $prop($, 'cdx:npm:deprecation_notice')
+    }
+
+- id: INT-006
+  name: "Dart pub uses non-default registry"
+  description: "Dart packages from non-default registries may introduce unvetted code"
+  severity: low
+  category: package-integrity
+  condition: |
+    components[
+      $hasProp($, 'cdx:pub:registry')
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Dart package '{{ name }}' sourced from non-default registry: {{ $prop($, 'cdx:pub:registry') }}"
+  mitigation: "Verify registry trustworthiness"
+  evidence: |
+    {
+      "registry": $prop($, 'cdx:pub:registry')
+    }
+
+- id: INT-007
+  name: "Maven shaded/relocated package"
+  description: "Maven packages with shaded or relocated classes may obscure the true dependency graph and introduce hidden vulnerabilities"
+  severity: low
+  category: package-integrity
+  condition: |
+    components[
+      $prop($, 'cdx:maven:shaded') = 'true'
+    ]
+  location: |
+    { "bomRef": $."bom-ref", "purl": purl }
+  message: "Maven package '{{ name }}@{{ version }}' contains shaded/relocated classes"
+  mitigation: "Prefer non-shaded dependency variants where available to maintain transparent dependency resolution"
+  evidence: |
+    {
+      "unshadedNamespaces": $prop($, 'cdx:maven:unshadedNamespaces'),
+      "scope": $prop($, 'cdx:maven:component_scope')
+    }

package/data/rules/vscode-extensions.yaml

@@ -0,0 +1,228 @@
+# VS Code Extension Security Rules
+# Category: vscode-extension
+# Evaluates VS Code extensions for install-time execution, host access, and workspace trust risks
+
+- id: VSC-001
+  name: "Extension with install-time lifecycle scripts"
+  description: "VS Code extensions with postinstall/preinstall scripts execute arbitrary code during installation"
+  severity: critical
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $hasProp($, 'cdx:vscode-extension:lifecycleScripts')
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl,
+      "srcFile": $prop($, 'SrcFile')
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}@{{ version }}' executes lifecycle scripts: {{ $prop($, 'cdx:vscode-extension:lifecycleScripts') }}"
+  mitigation: "Review extension source code before installation; prefer extensions without install-time scripts; use workspace trust boundaries"
+  evidence: |
+    {
+      "lifecycleScripts": $prop($, 'cdx:vscode-extension:lifecycleScripts'),
+      "mainEntryPoint": $prop($, 'cdx:vscode-extension:main'),
+      "browserEntryPoint": $prop($, 'cdx:vscode-extension:browser')
+    }
+  
+- id: VSC-002
+  name: "Always-on extension with terminal access"
+  description: "Extensions activating on '*' with terminal-access contribution can execute commands in any workspace"
+  severity: high
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $listContains($propList($, 'cdx:vscode-extension:activationEvents'), '*')
+      and $listContains($propList($, 'cdx:vscode-extension:contributes'), 'terminal-access')
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "Always-on VS Code extension '{{ publisher }}.{{ name }}' has terminal access capability"
+  mitigation: "Disable extension in untrusted workspaces; review contributed commands for injection risks; restrict via workspace trust settings"
+  evidence: |
+    {
+      "activationEvents": $prop($, 'cdx:vscode-extension:activationEvents'),
+      "contributes": $prop($, 'cdx:vscode-extension:contributes'),
+      "extensionKind": $prop($, 'cdx:vscode-extension:extensionKind')
+    }
+  
+- id: VSC-003
+  name: "Extension runs in untrusted workspaces with filesystem access"
+  description: "Extensions supporting untrustedWorkspaces=true with filesystem-provider contributions may access sensitive files"
+  severity: high
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $propBool($, 'cdx:vscode-extension:untrustedWorkspaces') = true
+      and $listContains($propList($, 'cdx:vscode-extension:contributes'), 'filesystem-provider')
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}' operates in untrusted workspaces with filesystem access"
+  mitigation: "Set workspace trust to 'limited' for this extension; audit filesystem-provider implementations; avoid using in sensitive projects"
+  evidence: |
+    {
+      "untrustedWorkspaces": $prop($, 'cdx:vscode-extension:untrustedWorkspaces'),
+      "contributes": $prop($, 'cdx:vscode-extension:contributes'),
+      "virtualWorkspaces": $prop($, 'cdx:vscode-extension:virtualWorkspaces')
+    }
+  
+- id: VSC-004
+  name: "Extension pack with risky member extensions"
+  description: "Extension packs implicitly install bundled extensions; flag packs containing members with lifecycle scripts or privileged capabilities"
+  severity: medium
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $hasProp($, 'cdx:vscode-extension:extensionPack')
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension pack '{{ publisher }}.{{ name }}' bundles extensions: {{ $prop($, 'cdx:vscode-extension:extensionPack') }}"
+  mitigation: "Review each bundled extension individually; prefer installing extensions explicitly rather than via packs"
+  evidence: |
+    {
+      "extensionPack": $prop($, 'cdx:vscode-extension:extensionPack'),
+      "extensionDependencies": $prop($, 'cdx:vscode-extension:extensionDependencies')
+    }
+  
+- id: VSC-005
+  name: "Extension dependency chain with execution risk"
+  description: "Extensions depending on other extensions inherit their trust boundary; flag chains where dependencies have install scripts or privileged access"
+  severity: medium
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $hasProp($, 'cdx:vscode-extension:extensionDependencies')
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}' depends on extensions: {{ $prop($, 'cdx:vscode-extension:extensionDependencies') }}"
+  mitigation: "Audit all dependency extensions for lifecycle scripts and privileged contributions; prefer extensions with minimal dependency chains"
+  evidence: |
+    {
+      "extensionDependencies": $prop($, 'cdx:vscode-extension:extensionDependencies'),
+      "lifecycleScripts": $prop($, 'cdx:vscode-extension:lifecycleScripts')
+    }
+  
+- id: VSC-006
+  name: "Extension with debugger or authentication provider contributions"
+  description: "Extensions contributing debuggers or authentication providers have elevated host access and credential handling capabilities"
+  severity: high
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and (
+        $listContains($propList($, 'cdx:vscode-extension:contributes'), 'debuggers')
+        or $listContains($propList($, 'cdx:vscode-extension:contributes'), 'authentication-provider')
+      )
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}' contributes privileged capabilities: {{ $prop($, 'cdx:vscode-extension:contributes') }}"
+  mitigation: "Review extension source for credential handling; restrict to trusted workspaces; audit debugger attach permissions"
+  evidence: |
+    {
+      "contributes": $prop($, 'cdx:vscode-extension:contributes'),
+      "executesCode": $prop($, 'cdx:vscode-extension:executesCode'),
+      "extensionKind": $prop($, 'cdx:vscode-extension:extensionKind')
+    }
+  
+- id: VSC-007
+  name: "Extension running in workspace context with code execution"
+  description: "Extensions with extensionKind=workspace and executesCode=true run arbitrary code on remote hosts or containers"
+  severity: high
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $listContains($propList($, 'cdx:vscode-extension:extensionKind'), 'workspace')
+      and $propBool($, 'cdx:vscode-extension:executesCode') = true
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}' executes code in workspace (remote) context"
+  mitigation: "Verify extension source before use in remote development; restrict workspace extensions to trusted publishers"
+  evidence: |
+    {
+      "extensionKind": $prop($, 'cdx:vscode-extension:extensionKind'),
+      "executesCode": $prop($, 'cdx:vscode-extension:executesCode'),
+      "main": $prop($, 'cdx:vscode-extension:main')
+    }
+  
+- id: VSC-008
+  name: "Extension with outdated VS Code engine requirement"
+  description: "Extensions requiring VS Code engine <1.80 may lack workspace trust and other modern security features"
+  severity: low
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $hasProp($, 'cdx:vscode-extension:vscodeEngine')
+      and $count($match($prop($, 'cdx:vscode-extension:vscodeEngine'), /(\^|>=)?1\.(8[0-9]|9[0-9])\./)) = 0
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}' requires outdated engine: {{ $prop($, 'cdx:vscode-extension:vscodeEngine') }}"
+  mitigation: "Update extension or VS Code to ensure modern security features are available; contact publisher for updates"
+  evidence: |
+    {
+      "vscodeEngine": $prop($, 'cdx:vscode-extension:vscodeEngine'),
+      "version": version
+    }
+  
+- id: VSC-009
+  name: "Extension with browser entry point but no sandbox declaration"
+  description: "Extensions declaring browser entry points should run in web sandbox; flag if also declares workspace execution or filesystem access"
+  severity: medium
+  category: vscode-extension
+  condition: |
+    components[
+      $startsWith(purl, 'pkg:vscode-extension/')
+      and $hasProp($, 'cdx:vscode-extension:browser')
+      and (
+        $listContains($propList($, 'cdx:vscode-extension:extensionKind'), 'workspace')
+        or $listContains($propList($, 'cdx:vscode-extension:contributes'), 'filesystem-provider')
+      )
+    ]
+  location: |
+    {
+      "bomRef": $. "bom-ref",
+      "purl": purl
+    }
+  message: "VS Code extension '{{ publisher }}.{{ name }}' has browser entry point but also declares workspace/filesystem capabilities"
+  mitigation: "Clarify extension execution context; prefer separate web/native extension variants; audit cross-context data flows"
+  evidence: |
+    {
+      "browser": $prop($, 'cdx:vscode-extension:browser'),
+      "main": $prop($, 'cdx:vscode-extension:main'),
+      "contributes": $prop($, 'cdx:vscode-extension:contributes')
+    }