To improve the efficiency of secret scanners and reduce false positives, Open VSX should adopt identifiable prefixes for issued tokens.
For example, a PAT could be issued with a prefix like `ovsxp_`.
This change would have several benefits:
- Improved security tooling support: secret scanners can more easily identify valid Open VSX tokens and differentiate them from random strings.
- Reduced false positives: currently, scanners may mistakenly flag arbitrary strings as potential secrets. A clear prefix format would reduce this noise.
- Consistency with industry practices: platforms like GitHub have already adopted this approach (see their explanation).
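
The false-positive argument above, shown as an added example (not part of the original proposal and not Open VSX code): an entropy-only heuristic compared with a prefix-anchored pattern on the same input. Only the `ovsxp_` prefix comes from the proposal; the 36-character alphanumeric body, the variable names and all sample lines are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# Only the "ovsxp_" prefix comes from the proposal. The 36-character
# alphanumeric body is an assumption made for this example.
PREFIXED = re.compile(r"(?<![A-Za-z0-9_])ovsxp_[A-Za-z0-9]{36}(?![A-Za-z0-9])")
# Fallback heuristic for unmarked tokens: any long run of token-like characters.
CANDIDATE = re.compile(r"[A-Za-z0-9+/_-]{32,}")

def entropy(s):
    """Shannon entropy in bits per character."""
    return -sum(n / len(s) * math.log2(n / len(s)) for n in Counter(s).values())

def generic_hits(text, threshold=3.5):
    """Entropy-based detection: flags anything long and random-looking."""
    return [m.group() for m in CANDIDATE.finditer(text)
            if entropy(m.group()) >= threshold]

def prefixed_hits(text):
    """Prefix-anchored detection: flags only strings shaped like an issued token."""
    return [m.group() for m in PREFIXED.finditer(text)]

# Constructed values, not real credentials.
FAKE_TOKEN = "ovsxp_" + "0123456789abcdefghijABCDEFGHIJKLMNOP"
SAMPLE = "\n".join([
    "commit 9fceb02d0ae598e95dc970b74767f19372d61af8",
    'cache_key = "Zm9vYmFyYmF6cXV4MTIzNDU2Nzg5MGFiY2RlZmdoaWo"',
    "OVSX_PAT=" + FAKE_TOKEN,
    "note: ovsxp_short is not token-shaped",
])

if __name__ == "__main__":
    print("entropy heuristic:", generic_hits(SAMPLE))
    print("prefix pattern:  ", prefixed_hits(SAMPLE))
```

The entropy heuristic also reports the commit hash and the cache key, while the prefix pattern reports only the token-shaped string.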