Subscribe to the Non-Human & AI Identity Journal
Home FAQ Governance, Ownership & Risk Who is accountable when a developer extension leaks…
Governance, Ownership & Risk

Who is accountable when a developer extension leaks internal repositories?

← Back to all FAQ
By NHI Mgmt Group Editorial Team Updated July 9, 2026 Domain: Governance, Ownership & Risk

Accountability sits with the teams that own developer access, endpoint policy, and secret lifecycle, not just with the person who installed the tool. If publishing tokens, cloud keys, or extension access were not governed as enterprise credentials, the organisation owns the control failure. That is an identity governance issue, not only a malware incident.

Why This Matters for Security Teams

A developer extension is not just a productivity tool once it can read repositories, access tokens, or transmit code context to a third party. The accountability question sits with the teams that govern endpoint policy, developer entitlements, and secret lifecycle, because those controls determine whether the extension could exfiltrate internal material in the first place. That makes this an access governance failure, not only a malware event.

NHIMG research on 52 NHI Breaches Analysis shows how often identity and secret controls fail together, while the broader pattern is echoed in Guide to the Secret Sprawl Challenge. When browser extensions, IDE plugins, or local agents can touch source code, the organisation has effectively introduced a new identity boundary that must be governed like any other privileged workload. Current guidance suggests treating extension access as enterprise access, not personal software choice.

Security teams often miss the issue because they review the extension as the trigger, instead of the unprotected credentials and overbroad repo access that made the leak possible. In practice, many security teams encounter the breach only after internal code has already been indexed, copied, or synced outside the environment, rather than through intentional policy review.

How It Works in Practice

Accountability usually lands across three control owners: the team that approves developer access, the team that hardens endpoints, and the team that governs secrets. If an extension can read local files, intercept editor buffers, or reuse cached cloud credentials, then the organisation needs a documented control path for what that extension may see, store, and transmit. NIST control guidance in NIST SP 800-53 Rev 5 Security and Privacy Controls is still useful here because the issue spans access enforcement, auditability, and configuration management.

Practically, stronger programs separate the problem into four questions:

  • Which repositories, secrets, and local files can a developer extension access?
  • Is the extension approved through policy, or installed ad hoc by users?
  • Are cloud tokens, API keys, and SSO sessions scoped to the minimum task?
  • Can the organisation revoke access quickly if telemetry shows unusual data movement?

This is where NHIMG’s Ultimate Guide to NHIs — Why NHI Security Matters Now is relevant: once software can act with delegated access, the enterprise must treat that software as an identity-bearing actor with controls, not just as code. Endpoint allowlisting, repository segmentation, secret scanning, and short-lived credentials all matter, but they only work if ownership is explicit and enforcement is centralized. The most defensible posture is to require policy approval before an extension gains access to source code, and to bind that approval to monitored, revocable credentials rather than persistent local trust. These controls tend to break down when developers use unmanaged workstations or personal browser profiles because enterprise policy cannot reliably inspect or revoke local extension behavior.

Common Variations and Edge Cases

Tighter extension controls often increase friction for developers, requiring organisations to balance speed of delivery against the risk of unintended code exposure. Best practice is evolving here, and there is no universal standard for every IDE, browser, or agent plugin model yet.

One edge case is the “harmless” productivity extension that later receives a permission update and starts reading repositories or clipboard content. Another is the internal AI assistant that is granted access to code search, issue trackers, and secrets vaults, then leaks context through prompt logging or external API calls. In both cases, accountability still sits with the organisation that allowed the access path, even if the user installed the tool.

Vendor research also shows why these events become persistent governance problems rather than one-off incidents: secrets are slow to remediate, and developers do not always follow best practices consistently. That is why NHIMG’s Guide to the Secret Sprawl Challenge matters operationally, especially when paired with the 52 NHI Breaches Report. The hard question is not whether the extension was malicious, but whether the organisation had a control model that assumed it could fail. If the answer is no, the accountability is shared by the teams that failed to govern the access path, not only by the individual who clicked install.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10, OWASP Agentic AI Top 10 and CSA MAESTRO address the attack and risk surface, while NIST AI RMF and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
OWASP Non-Human Identity Top 10NHI-01Covers excessive or unmanaged identity access that enables repository leakage.
OWASP Agentic AI Top 10A1Applies when extensions or assistants act autonomously with code access.
CSA MAESTROAIC-04Relevant to governance of autonomous tool access and delegated authority.
NIST AI RMFSupports governance and accountability for AI-enabled software with data access.
NIST CSF 2.0PR.AA-01Identity and access management governs who can reach repositories and secrets.

Inventory every extension-like workload identity and remove any access not explicitly approved.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on July 9, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org