Skip to content
| Marketplace
Sign in
Visual Studio Code>Linters>SafeRelay — DevSec DLPNew to Visual Studio Code? Get it now.
SafeRelay — DevSec DLP

SafeRelay — DevSec DLP

LogicGrid AI

|
1 install
| (0) | Free
Local-first data-loss prevention for developers. Redacts API keys, secrets, PII, and CUI markings before code or text reaches AI assistants like Copilot, ChatGPT, or Claude. 65+ patterns, air-gap friendly, zero telemetry.
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

SafeRelay DevSec for VS Code

A SafeRelay.ai product

100% Local. Zero-Knowledge. Your secrets never leave your machine.

SafeRelay DevSec is a VS Code extension that redacts secrets, PII, and sensitive data from your files and AI prompts — entirely on your machine, with no network calls, no telemetry, and no cloud processing of any kind.


The Trust Question — Answered Up Front

Every DLP tool that touches your secrets has to answer one question:

Where does the data go when you restore a tokenized file back to its real values?

SafeRelay DevSec's answer: nowhere.

The mapping between [OPENAI_KEY_1] and sk-proj-abc123... lives in RAM only — inside your VS Code process — for the duration of your session. It is never written to disk, never sent to a server, never stored in VS Code's globalState or workspaceState, and never logged. When VS Code closes, the vault is gone.

This is what zero-knowledge actually means in practice. SafeRelay's servers, if they ever exist in your workflow, will only ever see encrypted ciphertext — never your plaintext secrets.


What It Does

  1. Sanitize a file (YAML, JSON, env, logs, config, code) → SafeRelay scans it locally, replaces secrets with typed placeholders ([OPENAI_KEY_1], [IP_1], [AWS_SECRET_1]), and writes a .redacted copy alongside the original.
  2. Share the redacted file freely — to an AI, a colleague, a Slack thread, a GitHub issue. It contains no real secrets.
  3. Restore the AI's response (or the file) → SafeRelay swaps every placeholder back with the original value from the in-memory vault. The full round-trip happens without your secrets ever appearing in chat, logs, or a third-party system.

Commands

Command Shortcut What it does
SafeRelay: Quick Menu Click status bar Action menu for all commands
SafeRelay: Sanitize File Ctrl+Shift+Alt+S Redact file → .redacted.ext + diff view
SafeRelay: Copy Selection for AI Ctrl+Shift+Alt+C Redact selected text → clipboard
SafeRelay: Restore Clipboard Ctrl+Shift+Alt+R De-tokenize clipboard with vault values
SafeRelay: Restore File Right-click De-tokenize file → .restored.ext
SafeRelay: Configure Shields Ctrl+Shift+Alt+G Toggle pattern groups via quick-pick
SafeRelay: Clear Vault Quick Menu Wipe in-memory vault immediately

All commands are also accessible via Ctrl+Shift+P → type "SafeRelay".


The Sanitize → AI → Restore Workflow

config.yaml          →  [Sanitize File]  →  config.redacted.yaml
                                              ↓
                                         Send to AI / colleague / Slack
                                              ↓
                                         AI edits it, returns modified version
                                              ↓
                          [Restore File]  →  config.restored.yaml  ← real values back

Example — before sanitize:

api_key: sk-proj-abc123def456ghi7890jklmnopqrstuvwxyz
db_host: 192.168.1.100
DB_URL=postgres://admin:s3cr3t@10.0.0.5:5432/prod
token: ghp_ABCdef1234567890xyzABCdef123456789012

After sanitize (config.redacted.yaml):

api_key: [OPENAI_KEY_1]
db_host: [IP_1]
DB_URL=[ENV_VALUE_1]
token: [GITHUB_PAT_1]

After restore — original values are back exactly as they were.


What Gets Redacted

Free — DevSec Shield

Pattern Example match
OpenAI API keys sk-proj-abc...
OpenAI legacy keys sk-abc... (non-proj/ant)
Anthropic keys sk-ant-abc...
AWS Access Key ID AKIAIOSFODNN7EXAMPLE
AWS STS temporary key ASIAIOSFODNN7EXAMPLE
AWS Secret Access Key SecretAccessKey=abc...
GitHub classic PAT ghp_abc...
GitHub fine-grained PAT github_pat_abc...
GitHub OAuth token gho_abc...
Slack token xoxb-abc...
Stripe secret key sk_live_abc... / sk_test_abc...
Stripe public key pk_live_abc... / pk_test_abc...
Bearer tokens Bearer eyJhb...
Docker PAT dckr_pat_abc...
NPM token npm_abc...
Twilio key SKabc...
SendGrid key SG.abc.def
Gemini / GCP key AIzaSy...
PEM private key header -----BEGIN PRIVATE KEY-----
IPv4 addresses 192.168.1.100, 10.0.0.5
BTC addresses Legacy, P2SH, Bech32
ETH addresses 0x... (40 hex)
Crypto WIF keys 5abc..., Kabc..., Labc...
Seed phrases 12-word and 24-word BIP39
ENV variable values DATABASE_URL=postgres://...

Pro — Additional Shields

Shield Covers
FinTech Credit cards (Luhn), US SSN, EU IBAN, Email, UK NINO, NG BVN/NIN/Bank/Phone, CA SIN, IN Aadhaar/PAN, ZA ID, AU TFN, BR CPF, SG NRIC, DE Tax ID, US Green Card
Corporate DUNS, EIN, EU VAT (27 countries)
Civic / Mission GPS coordinates, UNHCR registration IDs, donor/beneficiary IDs
Pro Tier Patterns MAC addresses, ETH private keys (0x 64-hex), Solana addresses, 64-hex crypto keys (context-aware — excludes SHA-256 checksums)

Status Bar

The $(shield) SafeRelay item shows on the right of the status bar.

  • No vault entries: $(shield) SafeRelay
  • Vault active: $(shield) SafeRelay (4) — 4 secrets stored in RAM
  • Click → Quick Menu with all actions

Settings

Setting Type Default Description
saferelayDevsec.enabled boolean false Master switch — must be ON
saferelayDevsec.licenseKey string "" Pro license key from SafeRelay.ai
saferelayDevsec.devsecShield boolean true FREE: DevSec pattern group
saferelayDevsec.fintechShield boolean false PRO: FinTech PII group
saferelayDevsec.corporateShield boolean false PRO: Corporate ID group
saferelayDevsec.civicShield boolean false PRO: Civic/Mission group
saferelayDevsec.proTier boolean false PRO: Pro-only patterns
saferelayDevsec.auditMetadataOnly boolean true Audit log: metadata only, never content

Configure shields interactively via Ctrl+Shift+Alt+G → Configure Shields — no need to edit JSON.


Security & Privacy Posture

Claim Reality
No network calls The extension makes zero outbound connections of any kind
No telemetry No usage data, no error reporting, no pings
No secrets persisted Original values are RAM-only in the SafeVault for the VS Code session lifetime
No clipboard reads Only clipboard.writeText is used — the extension never reads your clipboard except for explicit Restore Clipboard commands
Audit log = metadata only Timestamps, file names, match counts, threat categories. Never secret content.
No automatic scanning Every action requires explicit user initiation
Vault cleared on exit deactivate() calls safeVault.clear() — no vault residue

Why RAM-only is acceptable

The threat model for an in-memory vault is identical to having the file open in your editor — an attacker who can dump your VS Code process memory already has access to the file on disk. RAM-only means no persistence risk: no stolen laptop scenario, no log exfiltration, no cloud breach.


Roadmap

Phase Status Description
Phase 2 ✅ Done Scaffold: commands + status bar
Phase 3 ✅ Done DLP engine: Copy Selection for AI
Phase 4 ✅ Done Sanitize File + diff view
Phase 5 ✅ Done Vault + Restore Clipboard / Restore File
Phase 6 ✅ Done Configure Shields quick-pick, action menu, audit log, keybindings, Pro paywall
Phase 7 Planned Team Vault — E2E encrypted, zero-knowledge vault sync for teams. Senior devs sanitize; junior devs restore. Secrets encrypted client-side before leaving the machine. $10–$15/user/month.
Phase 8 Planned SafeRelay CLI / GitHub Action — wrap the DLP engine as a command-line tool and CI/CD action. Automatically sanitize logs before they ship to Datadog, Splunk, or Sentry.
Phase 9 Planned SafeRelay Desktop bridge — opt-in local service for license validation and Team Vault sync
Phase 10 Planned VS Code Marketplace release

Team Vault — How it will work (zero-knowledge)

Senior Dev machine:
  sanitizeFile() → vault entries encrypted with team key (client-side)
                 → encrypted blob synced to SafeRelay.ai servers
                 → server sees: { "abc123": "<ciphertext>" }  ← never plaintext

Junior Dev machine:
  receives redacted file via Slack
  → extension fetches encrypted blob
  → decrypts locally with team key
  → restoreFile() works exactly as today

SafeRelay's servers handle routing and storage of encrypted blobs only. They cannot decrypt vault entries. This is the 1Password / Bitwarden architecture.


Manual Test

npm install
npm run compile
  1. Open this folder in VS Code → press F5 → Extension Development Host opens
  2. Ctrl+, → search "saferelay" → set enabled to true
  3. Create a test file with:
api_key: sk-proj-abc123def456ghi7890jklmnopqrstuvwxyz
db_host: 192.168.1.100
DB_URL=postgres://user:password@10.0.0.5:5432/prod
token: ghp_ABCdef1234567890xyzABCdef123456789012
  1. Right-click the file → SafeRelay: Sanitize File → click View Diff
  2. Confirm secrets are replaced. Status bar shows $(shield) SafeRelay (4)
  3. Copy the contents of the .redacted file
  4. Run SafeRelay: Restore Clipboard → paste → original values are back
  5. Right-click the .redacted file → SafeRelay: Restore File → .restored file matches original

About SafeRelay.ai

SafeRelay DevSec is built by SafeRelay.ai — privacy-first security tooling for developers, DevOps, and enterprise teams.

License: UNLICENSED — Private. Not for redistribution.

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2026 Microsoft