🧩 AquilaX AppSec VS Code Extension

🚀 Overview

The AquilaX AppSec VS Code Extension empowers developers to build secure software effortlessly by integrating AI-powered vulnerability scanning directly into Visual Studio Code.

It connects seamlessly to AquilaX’s advanced detection engine to analyze your repositories, highlight vulnerabilities in real time, and provide actionable security insights - ensuring security is embedded from the first line of code.

✨ Features

• 🔍 Code-Level Findings – Instantly highlights vulnerabilities inline, with detailed hover information.
• ⚡ On-Demand Scanning – Trigger full repo scans with real-time progress tracking and result polling.
• 📊 Scan Management – Start, cancel, and monitor scans effortlessly with sidebar status updates.
• 📋 Comprehensive Reports – Generate ASCII-style summaries by scanner, including TP/FP/UV counts.
• 🏢 Multi-Org & Group Support – Easily switch between organizations and teams using dashboard dropdowns.
• 📁 File & Directory Decorations – See badges directly on files/folders indicating detected findings.
• 🖥️ Modern Dashboard UI – Clean, responsive webview interface with spinners, loaders, and authentication.
• 🔄 Automatic State Reset – Cancels pending scans when switching workspaces for clean transitions.
• ⏱️ Periodic Auto-Refresh – Background refresh every 15 minutes keeps findings up-to-date.
• 🔗 Deep Dashboard Links – Jump directly to the AquilaX dashboard for full remediation details.
• 🧠 AI-Enhanced Insights – Detects advanced vulnerabilities (e.g., SQLi) using Securitron-001 AI analysis.
• 🧩 Native Integration – Built for VS Code with seamless UX and real-time status bar indicators.

🧭 Installation

1. Open Visual Studio Code.
2. Navigate to the Extensions Marketplace (Ctrl + Shift + X).
3. Search for AquilaX AppSec.
4. Click Install.
5. Reload VS Code if prompted.

🧑‍💻 Usage

🔐 1. Sign In

• Click Sign In when prompted to authenticate through the secure AquilaX portal.
• Your Personal Access Token (PAT) will be securely stored for API communication.

🏢 2. Select Organization & Group

• Choose your organization from the sidebar dropdown.
• Select a group (project/team) to scope scans and results.

🧾 3. Scan Your Repository

• Ensure your workspace is a Git repository with a valid origin remote.
• Click Scan Now to start an on-demand scan.
• View real-time progress and cancel scans anytime.

🧩 4. View & Manage Findings

• ✅ True Positives (TP): Red highlights
• ⚠️ Unverified Findings (UV): Orange highlights
• Hover to view severity, descriptions, and recommended fixes.
• Access aggregated reports in the AquilaX Scan Summary output channel.
• AI-powered “About this Codebase” view appears if Securitron-001 findings exist.

🔄 5. Switch Contexts

• Use Change Organization from the command palette to switch orgs/groups.
• Workspace changes automatically cancel active scans and clear findings.

🔓 6. Logout & Reset

• Click Logout to clear credentials and findings.
• Use Reset Credentials for a full session wipe.

⚙️ Requirements

• 🧱 VS Code version 1.70.0 or higher
• 🔑 Active AquilaX account
• 🧾 Git-initialized workspace (for repo recognition)

🆘 Support

Need help or found a bug? We’ve got you covered 👇

• 🐞 Report issues: GitHub Issues
• 📧 Email us: support@aquilax.ai
• 💬 Join our community: AquilaX Developer Network for updates and discussions

📜 License

Licensed under the MIT License.

💡 Acknowledgments

Powered by AquilaX AppSec - your trusted partner in securing every stage of the software development lifecycle.

© Copyright

© 2025 AquilaX Ltd. All rights reserved.
Designed with ❤️ for developers - because secure code is smart code.