Chaintrap Scanner
Run security analysis on extension IDs and registry packages. Cached results load fast; full HTML and JSON-style outputs for triage and sharing.
Supply chain security
See third-party risk before it hits production.
Chaintrap gives security and platform teams real signal on extension and package exposure across browser, IDE, and registry ecosystems.
Start with Chaintrap Scanner: deep scans, risk scoring, and shareable reports for Chrome, Edge, VS Code, Open VSX, npm, and more.
Run scans at scan.chaintrap.com
Company home: chaintrap.com
Products
What we ship today
Chaintrap Scanner is live today—deep analysis on extensions and registry packages. Chaintrap Watch is our direction for telemetry-backed inventory and dashboards inside your environment.
Chaintrap Watch
Connector-fed inventory, verdict mix, and supply-chain counts—unified with on-demand scans when you need a second opinion on a component.
How it works
From paste to verdict
Chaintrap Scanner is built for analysts and security engineers who need defensible signal without a week-long manual review every time.
1
Choose a target
Extension store, marketplace, or package spec—pick the surface that matches what your users or build pipelines installed.
2
Run analysis
Static and behavioral signals roll into a risk score and structured findings you can act on or attach to a ticket.
3
Share the report
Summary and full report views give leadership and engineering the same picture—without everyone running their own ad-hoc toolchain.
Company
Why Chaintrap
Third-party extensions and packages are part of modern software supply chains, but they rarely get the same scrutiny as first-party code. We focus on practical workflows: fast scans, clear risk language, and paths toward continuous visibility as your estate grows.
Contact: hello@chaintrap.com (update before launch if this is not your mailbox).