A VS Code extension that integrates with the AgentLISA online security scanning service to analyze Solidity smart contracts for vulnerabilities and security issues.
Features
Selective File Scanning: Select one or more Solidity files to scan for security vulnerabilities
OAuth Authentication: Secure authentication using OAuth 2.0 with PKCE flow
Real-time Updates: Automatic polling to track scan progress and status
Interactive Results: View scan results in a tree view with expandable details
Code Navigation: Click on issues to navigate directly to the affected code lines with smart tab group management
Issue Details: View comprehensive information about each detected issue
Persistent History: Scan results are automatically saved and restored across VS Code sessions (up to 20 most recent per workspace)
Result Management: Remove individual scan results or clear all results with confirmation dialogs
Installation
Install the extension from the VS Code Marketplace
The extension works out of the box with the official AgentLISA service
(Optional) Configure custom settings if needed:
Open Settings (Ctrl+, or Cmd+,)
Search for "AgentLISA"
Adjust polling settings if desired
Usage
Authentication
Run the command "AgentLISA: Authenticate with LISA", or let it trigger automatically when you start a scan
Your default browser will open to AgentLISA's authentication page (you might already be logged in!)
Complete the OAuth flow in your browser
The extension will automatically receive the authentication token and you can close the browser tab
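What the PKCE part of this flow involves on the client side, as an added sketch that is not the extension's own code. The `/oauth/authorize` path, the client id and the loopback redirect URI are placeholders, not AgentLISA's actual values.

```javascript
// Added illustration of OAuth 2.0 + PKCE (RFC 7636) on the client side.
// Not the extension's code; endpoint path, client id and redirect URI are placeholders.
const crypto = require('node:crypto');

// S256 challenge: BASE64URL(SHA-256(ASCII(code_verifier)))
function challengeFor(verifier) {
  return crypto.createHash('sha256').update(verifier, 'ascii').digest('base64url');
}

// Fresh verifier and state per login attempt. The verifier stays on the client
// until the token request, so an intercepted authorization code alone is useless.
function newLoginAttempt() {
  const verifier = crypto.randomBytes(32).toString('base64url'); // 43 characters
  const state = crypto.randomBytes(16).toString('base64url');
  return { verifier, challenge: challengeFor(verifier), state };
}

// URL opened in the browser; only the challenge (a hash) is exposed there.
function buildAuthorizeUrl(baseUrl, clientId, redirectUri, attempt) {
  const url = new URL('/oauth/authorize', baseUrl); // hypothetical path
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: redirectUri,
    state: attempt.state,
    code_challenge: attempt.challenge,
    code_challenge_method: 'S256',
  }).toString();
  return url.toString();
}

// Accept the redirect only if it carries the state issued for this attempt.
function codeFromCallback(callbackUrl, attempt) {
  const params = new URL(callbackUrl).searchParams;
  if (params.has('error')) throw new Error(`authorization failed: ${params.get('error')}`);
  const got = Buffer.from(params.get('state') ?? '');
  const want = Buffer.from(attempt.state);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    throw new Error('state mismatch: callback does not belong to this login attempt');
  }
  const code = params.get('code');
  if (!code) throw new Error('callback carries no authorization code');
  return code;
}
```

The returned code is then exchanged together with `verifier` at the token endpoint, where the server recomputes the challenge and rejects the request if it does not match.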
Scanning Files
Right-click on one or more .sol files in the Explorer
Select "AgentLISA: Start LISA Security Scan" from the context menu
The scan will start and you'll be notified when it completes
Viewing Results
Results appear automatically in the "LISA Scan Results" view in the Explorer sidebar
Expand scan results to see issues grouped by file
Click on individual issues to navigate to the code location (files open in smart tab groups to avoid cluttering issue views)
View detailed issue information in a separate panel
Access all your recent scan history - results persist across VS Code restarts
You can also run "AgentLISA: Show LISA Scan Results" command to view results
Managing Results
Remove individual results: Click the trash icon next to any scan result
Clear all results: Click the "Remove All" button in the tree view header
Automatic cleanup: Only the 20 most recent scan results are kept per workspace
Configuration
Extension Settings
agentlisa.baseUrl: Custom AgentLISA server URL (optional - defaults to official AgentLISA service, only needed for testing/development)
agentlisa.pollingInterval: How often to check scan status in seconds (default: 30)
agentlisa.pollingTimeout: Maximum time to wait for scan completion in minutes (default: 20)
Development
For technical details, API integration guides, and development instructions, see DEVELOPMENT.md.