今日已更新 166 条资讯 | 累计 20138 条内容
关于我们

plugin marketplaces are the new endpoint policy for coding agents

Paulo Victor Leite Lima Gomes 2026年06月26日 08:01 1 次阅读 来源:Dev.to

GitHub added an enterprise setting this week that looks like the kind of thing most developers will never read about unless it breaks their editor. Enterprise managed settings now support strictKnownMarketplaces for VS Code and GitHub Copilot CLI. In plain English: an organization can restrict which extension and plugin marketplaces are known and allowed inside the developer tools people actually use. That sounds like desktop management. I think it is more interesting than that. If coding agents can discover tools, install plugins, call commands, read repositories, modify files, and run workflows from the IDE or terminal, then plugin marketplace policy is no longer a minor preference. It is part of the runtime boundary. The agent does not only need permission to think. It needs permission to reach for tools. And the place where those tools come from is now a security surface. the tool catalog moved closer to the developer For a long time, extension marketplaces felt like productivity infrastructure. You installed a formatter, a theme, a language server, a test explorer, a Docker helper, a cloud plugin, a database browser, maybe three things you forgot existed. Some companies cared a lot. Many mostly hoped the endpoint security product would notice anything truly bad. That world was already risky, but the blast radius was usually framed around the human developer. A plugin could read files, run code, exfiltrate data, or weaken the local environment. Bad, but familiar. Agents change the framing. An AI coding assistant sitting in the IDE or CLI may use plugins as capabilities. It may call into developer tooling, use installed extensions as context, or depend on local integrations to perform work. Even when the agent itself does not directly install anything, the available tool environment shapes what it can do. So the question stops being "which extensions are developers allowed to install?" It becomes "which tool supply chains are allowed to become part of our automat

本文内容来源于互联网,版权归原作者所有
查看原文