Supply chain security

Know the risk in the third-party code your org runs.

Chaintrap helps security and platform teams see third-party exposure across browser, IDE, and registry ecosystems—before it becomes an incident.

Start with ExtRisk Intel: deep scans, risk scores, and shareable reports for Chrome, Edge, VS Code, Open VSX, npm, and more.

Run scans at scan.chaintrap.com. Company home: chaintrap.com.

What we ship today

ExtRisk Intel is the public scanner. DepShield is our direction for telemetry-backed inventory and dashboards inside your environment.

Live

ExtRisk Intel

Run security analysis on extension IDs and registry packages. Cached results load fast, with full HTML and JSON-style outputs for triage and sharing.

In motion

DepShield

Connector-fed inventory, verdict mix, and supply-chain counts—unified with on-demand scans when you need a second opinion on a component.

From paste to verdict

ExtRisk Intel is built for analysts and security engineers who need defensible signal without a week-long manual review every time.

1. Choose a target

Extension store, marketplace, or package spec—pick the surface that matches what your users or build pipelines installed.

2. Run analysis

Static and behavioral signals roll into a risk score and structured findings you can act on or attach to a ticket.

3. Share the report

Summary and full report views give leadership and engineering the same picture—without everyone running their own ad-hoc toolchain.

Why Chaintrap

Third-party extensions and packages are part of modern software supply chains, but they rarely get the same scrutiny as first-party code. We focus on practical workflows: fast scans, clear risk language, and paths toward continuous visibility as your estate grows.

Contact: hello@chaintrap.com