KOREXT - AI Code Governance for Windsurf

Enforce security, regulatory, and quality standards on AI-generated code in real time. Every violation mapped to specific regulatory clauses. Every fix verified before it is applied. Every enforcement decision sealed in a signed proof bundle.

What It Does

Korext checks your code against active compliance packs every time you save. If AI-generated code introduces a hardcoded secret, an SQL injection, an insecure cookie, or a violation of PCI-DSS, HIPAA, GDPR, SOC 2, CMMC, or any of 44 policy packs, you see it immediately as a red underline on the exact line.

Hover for the full explanation: what is wrong, which regulation it violates, and how to fix it.

One click applies a verified fix. The fix is scoped to the violation. Surrounding code is never touched. Four deterministic guards verify the fix preserves existing security properties and introduces zero new vulnerabilities.

Key Features

• Real-time enforcement on every save
• AI-powered explanations with regulatory citations (PCI-DSS 6.3.1, not "security best practice")
• One-click verified fixes with scoped extraction
• 478 rules across 44 policy packs
• Three-layer governance: regulatory, technical standards (CWE, OWASP), security intelligence (MITRE ATT&CK)
• 9 jurisdiction coverage (US, EU, UK, Canada, Australia, New Zealand, Japan, Taiwan, Singapore)
• Cryptographically signed proof bundles for auditors
• Custom policy packs for enterprise internal standards
• Offline mode with local rule enforcement
• Cascade session batch analysis and deduplication

New in v0.9

• Co-Pilot Mode: Real-time inline compliance warnings as you type. 10 instant regex patterns detect hardcoded secrets, eval(), innerHTML, SQL injection, and more -- zero latency, zero network calls.
• WebSocket Transport: Persistent connection to Korext server for faster analysis. Automatic fallback to HTTP after 3 connection failures.
• Differential Analysis: When less than 30% of a file changes, only changed regions are sent for analysis. Reduces payload size by up to 90%.
• Feedback UI: Thumbs up/down on violation hover cards to rate explanation quality.
• Explanation Source Badges: See whether each explanation is Expert Verified, Cached, or AI-generated.
• Explanation Caching: Previously generated AI explanations are cached locally, eliminating redundant API calls.

Supported Compliance Frameworks

OWASP Top 10 | PCI-DSS | HIPAA | GDPR | SOC 2 | NIST SP 800-53 | NIST SP 800-171 | CMMC Level 2/3 | FedRAMP | ISO 27001 | DORA | NIS2 | CIS Benchmarks | UK DPA | Australian Privacy Act | APPI (Japan) | PDPA (Singapore, Taiwan) | and 25+ more

How It Works

1. Install the extension
2. Sign in with Google or GitHub
3. Write code (or let Cascade write it)
4. Save the file
5. Violations appear as red underlines
6. Hover for the explanation
7. Click the lightbulb for a verified fix
8. Compliance evidence is generated automatically

Built for Windsurf

Built for Windsurf's Cascade sessions. When Cascade modifies multiple files, Korext detects the batch and analyses all changed files together, deduplicating violations across the session.

• Cascade batch analysis: multi-file enforcement after Cascade edits
• Session deduplication: violations grouped by Cascade session
• Problems panel: all violations with severity, rule ID, and regulatory mapping
• Lightbulb menu: one-click verified fixes scoped to the violation
• Status bar: live compliance indicator with violation count
• Command palette: sign in, switch policy packs, export proof bundles

Enterprise Features

• Role-based access control (5 roles)
• Custom policy packs with AI rule extraction
• Team management with invite flow
• HMAC-SHA256 signed proof bundles
• PDF export for auditors with QR code verification
• Blast Radius impact analysis
• Enterprise Knowledge Graph (RAG)
• Kubernetes admission webhook

Getting Started

1. Install from Open VSX
2. Open the command palette (Cmd+Shift+P / Ctrl+Shift+P)
3. Run "Korext: Sign In"
4. Start coding

Free tier: 500 enforcement runs per month. Team: $40/developer/month with signed proof bundles. Enterprise: custom pricing with SSO, custom packs, and dedicated support.

Links

• Website: korext.com
• Dashboard: app.korext.com
• LinkedIn: linkedin.com/company/korext
• GitHub: github.com/Korext
• Support: support@korext.com

Publisher: Korext License: Proprietary Version: 0.9.2