i hit my antigravity quota again and wanted a dumb-simple way to track usage. so i installed the most popular "cockpit/quota" extension, logged in with google, and moved on. then i got curious about what i just authorized and where it was storing my auth.
what i found is pretty alarming. this extension persists google oauth credentials to disk in plaintext json, including a refresh token, and it requests the very broad cloud-platform scope. it completely ignores the built-in SecretStorage API that uses the OS keychain. instead, it just dumps the accounts object straight to a hidden folder in your home directory using a basic writeFileSync call. it also uses a hardcoded oauth client id to perform the flow.
the threat model here isn't a stranger browsing your home folder. the risk is anything running under your user account: malware, compromised extensions, random helper tooling, backup agents syncing dotfolders. once that refresh token escapes, an attacker doesn't need your machine anymore, because they can keep exchanging it for fresh access tokens until it's revoked. the practical blast radius becomes anything your IAM already allows across google cloud, which is huge for a tool that's basically just showing you usage.
if you installed it, deleting the local folder isn't enough.
> first, you need to revoke access on google's end, which is the real kill switch. go to your google account security settings, find third-party access, and remove the antigravity app.
> next, uninstall the extension and fully quit the IDE so the extension host dies. after that, you can do a local purge by running a standard rm -rf on the .antigravity_cockpit folder in your home directory.
> finally, it's a good idea to check your gcp cloud audit logs for any unusual resource creation or IAM changes.
ofc: i'm not a security expert, just a guy who likes tinkering and wanted to share what i found. so if there is a mistake or whatever, please don't hesitate to comment!
the whole post here:
https://louis-deep-dives.hashnode.dev/security-alert-why-you-should-ditch-antigravity-cockpit-asap