# #40 - IDE expansion packs, new package health database, and AutoFix now in AI pentest reports ### Features * [**Expansion packs for the IDE**](https://help.aikido.dev/ide-plugins/features/aikido-expansion-packs): Introducing Aikido Expansion Packs, which brings Safe Chain and secret scanning via pre-commit hooks to your IDE. Stop sensitive patterns and malicious packages from ever reaching your shared codebase. * [**Package health database**](https://intel.aikido.dev/packages): Search and compare 3 million+ open source packages to help identify which dependencies are well-maintained and safe to use. Aikido calculates a health score based on how often a package changes, who maintains it, what scripts it runs, and whether its builds are verifiable. * [**Autofix for pentest issues:**](https://help.aikido.dev/aikido-autofix/overview-aikido-autofix) Aikido will now generate AutoFix previews for critical and high severity issues discovered by Aikido Attack. Act on the AI pentesting report and open a PR fix directly from the Aikido app. * [**VSCode full workspace can**](https://help.aikido.dev/ide-plugins/features/full-workspace-scan-in-ide)**:** You can initiate a full workspace scan for SAST and secret issues to help you establish a security baseline for your codebase or assess security posture before a major code push. This works alongside the existing functionality that scans as individual files are opened or saved. ### **Aikido Intel - Malware & Vulnerability Database** Our research team has discovered over [96 new vulnerabilities](https://intel.aikido.dev) over the last three weeks! Also, [read our research and analysis](https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomains) on the ongoing Shai Hulud supply chain attacks. ### Improvements * Attack - Added [support for uploading files as additional context](https://help.aikido.dev/pentests/leveraging-code-and-documentation#upload-data) in AI pentests * Attack - [Mitigate server load by setting maximum requests per second in safety settings](https://help.aikido.dev/pentests/safety-measures#mitigating-high-server-load) * Clouds -[ Generate report and map rules for CIS AWS benchmark](https://app.aikido.dev/reports/cis-aws) * Clouds - [New Kubernetes agent release](https://github.com/AikidoSec/helm-charts/releases/tag/kubernetes-agent-2.4.4) includes SBOM and deployment metrics collection, and support for external secrets * Clouds - Kubernetes cluster scanning improvements including improved caching for very large clusters and workload identity support for image pulls * Code Quality - [Added new code quality rules](https://app.aikido.dev/code-quality/checks) for Apex XSS and generic JavaScript path traversal * Platform - [Release Aikido Broker](https://help.aikido.dev/miscellaneous-info/aikido-broker-for-internal-applications) for scanning internal, non-internet facing applications * Virtual machines - [New VM Agent Scanner release](https://aikido-security.slack.com/archives/C03QK8Q0JMB/p1762435248492879) includes support for U.S. and Middle East regions as well as submitting package versions in SBOM * Zen Firewall - Agent releases for [Dotnet](https://github.com/AikidoSec/firewall-dotnet/releases), [Java](https://github.com/AikidoSec/firewall-java/releases), [Python](https://github.com/AikidoSec/firewall-python/releases), [PHP](https://github.com/AikidoSec/firewall-php/releases), [Ruby](https://github.com/AikidoSec/firewall-ruby/releases), [Golang](https://github.com/AikidoSec/firewall-go/releases) and [Node](https://github.com/AikidoSec/firewall-node/releases) * IDE - New releases for [VSCode](https://marketplace.visualstudio.com/items?itemName=AikidoSecurity.aikido), [Jetbrains](https://plugins.jetbrains.com/plugin/24993-aikido-security/versions/stable) and [Visual Studio](https://marketplace.visualstudio.com/items?itemName=AikidoSecurity.aikido-visualstudio) * API - Added [new public API endpoing to change internet connectivity setting for containers](https://apidocs.aikido.dev/reference/updatecontainerinternetconnection) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.aikido.dev/changelog/q4-2025/40-ide-expansion-packs-new-package-health-database-and-autofix-now-in-ai-pentest-reports.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.