Security Assistant - VS Code Extension
AI-powered security scanning with automated fixes for your codebase
✨ Features
🔍 Real-time Security Scanning
- Automatic scanning on file save
- Support for Python, JavaScript, TypeScript, Go, and more
- Powered by Bandit, Semgrep, Trivy, and Nuclei
🤖 AI-Powered Quick Fixes
- One-click vulnerability remediation
- Context-aware code generation
- Powered by OpenAI, Anthropic, or NVIDIA NIM
📊 Integrated Diagnostics
- Security findings in Problems panel
- Inline squiggly lines
- Severity-based highlighting
💡 Intelligent Explanations
- Hover over findings for detailed explanations
- CWE/OWASP mappings
- Remediation guidance
📈 Status Bar Indicator
- Real-time scan status
- Finding count by severity
- Click to view problems
🚀 Quick Start
Prerequisites
- Install Security Assistant CLI:
pip install security-assistant
- Configure LLM provider (optional, for AI fixes):
export SA_LLM__PROVIDER=nvidia
export SA_LLM__API_KEY=your-api-key
export SA_LLM__MODEL=mistralai/devstral-2-123b-instruct-2512
Installation
- Install from VS Code Marketplace
- Open Command Palette (
Ctrl+Shift+P)
- Run:
Security Assistant: Scan Workspace
📖 Usage
Scan Commands
- Scan Workspace:
Ctrl+Shift+P → Security Assistant: Scan Workspace
- Scan File: Right-click in editor →
Security Assistant: Scan Current File
- Auto-scan: Enable in settings (
security-assistant.enableRealtime)
Quick Fixes
- Click on a security finding (squiggly line)
- Click the 💡 lightbulb icon
- Select "Fix with AI"
- Review and apply the generated fix
Hover Explanations
Hover over any security finding to see:
- Detailed vulnerability description
- CWE/OWASP classifications
- Remediation steps
- Quick action links
⚙️ Configuration
{
"security-assistant.cliPath": "security-assistant",
"security-assistant.enableRealtime": true,
"security-assistant.debug": false
}
🎯 Supported Languages
- Python
- JavaScript / TypeScript
- Go
- Java
- Ruby
- PHP
- And more...
🔒 Security Scanners
- Bandit: Python SAST
- Semgrep: Multi-language SAST
- Trivy: Dependency scanning
- Nuclei: DAST web scanning
🤝 Contributing
See CONTRIBUTING.md
📄 License
MIT License - see LICENSE
| |
