Skip to content
| Marketplace
Sign in
Visual Studio Code>Programming Languages>TaintFlow SASTNew to Visual Studio Code? Get it now.
TaintFlow SAST

TaintFlow SAST

F1ZZ4N

| (0) | Free
Fast, Offline Static Application Security Testing (SAST) powered by Context-Sensitive Taint Analysis.
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

TaintFlow Logo

TaintFlow SAST

Fast, Offline Static Application Security Testing (SAST) powered by Context-Sensitive Taint Analysis

Release License Platforms


TaintFlow Banner

Overview

TaintFlow SAST is a highly optimized, offline static application security testing (SAST) extension designed to identify high-risk data-flow vulnerabilities (injection flaws, path traversals, and unsafe deserialization) in real-time as you write code.

By combining a lightning-fast Rust-compiled taint propagation engine with advanced interprocedural analysis, TaintFlow SAST delivers the precision of enterprise-grade security tools directly into the editor—with zero configuration and 100% offline privacy.


Key Features

  • ⚡ Zero Configuration: Work immediately after installation. No compiler setups, external Python/Rust runtimes, or execution scripts required.
  • 🔍 Real-Time Live Diagnostics: Automatically scans files in the background on open, edit, and switch. Results appear instantly in the Problems panel.
  • 🎨 Rich Inline UX: Highlights vulnerable statement flows, displays severity-colored virtual text decorations, and shows CodeLenses for High/Critical issues.
  • 🛡 TaintFlow Explorer: A dedicated sidebar tree view showing active vulnerabilities grouped by severity, with click-to-jump step-by-step trace navigation from source to sink.
  • ⚡ Performance-Optimized: Asynchronous analysis debounced to 600ms. Stale scan processes are automatically cancelled on typing to keep the UI perfectly fluid.
  • 🔒 100% Local & Private: Code never leaves your machine. The analysis runs completely locally inside sandboxed executables.

Supported Languages

  • Java (.java)
  • Python (.py)

Detection Capabilities (CWEs)

TaintFlow SAST detects high-precision control-flow and data-flow violations including:

CWE Vulnerability Title Severity Description
CWE-22 Path Traversal / File Disclosure High Unsanitized input controls file system paths.
CWE-78 OS Command Injection Critical Untrusted data executes raw shell commands.
CWE-79 Reflected / Stored Cross-Site Scripting (XSS) High Injection of raw HTML/scripts into web responses.
CWE-89 SQL Injection Critical Manipulation of raw database queries.
CWE-113 HTTP Response Splitting / CR-LF Injection Medium Injection of carriage return/line feed into headers.
CWE-327 Use of a Broken or Risky Cryptographic Algorithm Medium Use of MD5, SHA-1, or RC4 in security contexts.
CWE-502 Deserialization of Untrusted Data Critical Unsafe deserialization of objects leading to RCE.
CWE-798 Use of Hardcoded Credentials High Hardcoded API keys, passwords, and tokens.
CWE-918 Server-Side Request Forgery (SSRF) High Untrusted input forms outbound HTTP connections.

Architecture

                       ┌───────────────────────────────────────┐
                       │           VS Code Extension           │
                       │          (Typescript Client)          │
                       └──────────────────┬────────────────────┘
                                          │  1. Triggers Scan (Debounced)
                                          ▼
                       ┌───────────────────────────────────────┐
                       │          OS Temp Directory            │
                       │       (Temporary Live Code)           │
                       └──────────────────┬────────────────────┘
                                          │  2. Calls Bunled Binary
                                          ▼
                       ┌───────────────────────────────────────┐
                       │           TaintFlow Engine            │
                       │           (Rust CLI Binary)           │
                       └──────────────────┬────────────────────┘
                                          │  3. Formats Output (JSON)
                                          ▼
                       ┌───────────────────────────────────────┐
                       │            Problems Panel             │
                       │        & TaintFlow Tree View          │
                       └───────────────────────────────────────┘

Quick Start

  1. Install: Install TaintFlow SAST from the VS Code Marketplace.
  2. Open: Open any Java or Python project.
  3. Type: Begin writing or paste vulnerable code (e.g. standard SQL injection or command injection patterns).
  4. Inspect: Inline decorations appear next to findings. Click View Taint Trace in the CodeLens or click items in the TaintFlow Explorer sidebar to see step-by-step data flows.

Example Scan Output

Here is how findings are structured in JSON when run via the bundled CLI:

{
  "scan_version": "1.0.0",
  "scanned_files": 1,
  "total_findings": 1,
  "findings": [
    {
      "cwe": "CWE-89",
      "title": "SQL Injection Vulnerability",
      "description": "Unsanitized parameter flows into query execution.",
      "file_path": "d:\\project\\src\\Main.java",
      "line_number": 42,
      "severity": "CRITICAL",
      "code_flow_path": [
        {
          "file_path": "d:\\project\\src\\Main.java",
          "line_number": 12,
          "message": "Source: Taint input entrypoint"
        },
        {
          "file_path": "d:\\project\\src\\Main.java",
          "line_number": 42,
          "message": "Sink: Tainted value reaches sql query execution"
        }
      ]
    }
  ]
}

Privacy & Performance

  • Privacy: TaintFlow SAST does not track you, does not collect telemetry, and does not upload your source code. Analysis is performed 100% locally.
  • Performance: Scans execute asynchronously inside separate lightweight processes. If you continue typing, current scan operations are aborted immediately to ensure that typing latency is never affected.

Roadmap

  • [ ] Support for C# (.cs) and JavaScript/TypeScript (.js/.ts).
  • [ ] Visual data flow graphing in webview.
  • [ ] Custom validation rule sets via YAML.

Support TaintFlow+

If TaintFlow+ helps you find security issues in your code, please consider leaving a review on Open VSX — your feedback genuinely matters to us and helps other developers discover the extension.

Leave a review on Open VSX

You can also open the review page at any time from VS Code:

  1. Open the Command Palette (Ctrl+Shift+P / Cmd+Shift+P)
  2. Run TaintFlow+: Rate Extension

Privacy: TaintFlow+ never sends telemetry or tracks your usage. Review prompts are evaluated entirely from local state stored in your VS Code profile. Disable permanently via Settings → taintflow.enableReviewPrompt → false.


License

This extension is licensed under the MIT License.

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2026 Microsoft