Worried about VS Code extensions following the GitHub breach? Here's a free threat intelligence feed on all VS Code extensions, and then a skill you point your agent to, to compare the extensions to the intelligence.

AgentMesh: https://agentmesh.knostic.ai/ (threat intelligence)
The skill: https://github.com/knostic/extension-check-skill/

--
And of course, if you look to discover and defend you agents, and their supply chain, try out Kirin. It's free up to five users:
https://getkirin.com/