VSCode Agent Monitor

Monitor AI agent interactions in VSCode and scan for security vulnerabilities.

Features

• 🔍 Real-time Monitoring: Captures document changes and AI agent interactions
• 🔒 Security Scanning: Automatically detects API keys, passwords, and secrets
• 📊 Visual Dashboard: WebView dashboard showing telemetry and security findings
• 🔎 Event Browser: Browse, filter, and inspect individual LSP interaction events
• 💾 SQLite Storage: Persistent storage with BLAKE3 content deduplication
• 🎨 Dark Theme: Native VSCode theme integration

Installation

Requirements

• VSCode 1.85.0 or higher
• Rust and Cargo (Install Rust)

Install Extension

1. Download vscode-agent-monitor-0.1.0.vsix
2. VSCode → Extensions → "..." menu → Install from VSIX
3. Reload VSCode

Quick Start

1. Open a project folder in VSCode
2. Extension activates automatically and creates agent_telemetry.db
3. Start coding - the extension captures significant changes (>10 chars)
4. View dashboard: Cmd+Shift+P → Agent Monitor: Show Dashboard

Commands

• Agent Monitor: Show Dashboard - View telemetry and security findings
• Agent Monitor: Browse Events - Browse and inspect captured LSP events with filtering and context view
• Agent Monitor: Show Logs - See extension activity and debugging info
• Agent Monitor: Clear Data - Delete telemetry database

What Gets Monitored

• Document changes (captures substantial edits, including AI completions)
• File saves
• Context around changes (for security analysis)

Security Detection

All captured data is automatically scanned for:

• 🔴 High Severity: API keys (sk-*), passwords
• 🟠 Medium Severity: High-entropy strings (potential secrets)
• 🟡 Low Severity: Suspicious patterns

Usage

Monitoring

The extension automatically monitors your workspace when active. Check logs to see activity:

Cmd+Shift+P → "Agent Monitor: Show Logs"

You'll see:

• Database initialization
• Document changes captured
• Capture count

Dashboard

View captured data and security findings:

Cmd+Shift+P → "Agent Monitor: Show Dashboard"

The dashboard shows:

• Total events captured
• Unique files (BLAKE3 deduplication)
• Security findings by severity
• Detailed findings table

Event Browser

Browse and inspect individual captured events:

Cmd+Shift+P → "Agent Monitor: Browse Events"

The event browser shows:

• Captured LSP events with method, timestamp, and security finding count
• Filter events by method
• Inspect full request/response context and security findings per event

Manual Database Initialization

If automatic initialization fails, create the database manually:

cd /path/to/vscode-agent-monitor
cargo run --example init_db "/path/to/your/project/agent_telemetry.db"

Then reload VSCode.

Development

Architecture

• Rust Core: Security scanner, telemetry collector, storage manager
• TypeScript Extension: VSCode integration, UI
• SQLite: Persistent storage
• WebView: Dashboard visualization

See ARCHITECTURE.md for technical details.

Build Extension

npm install
npm run compile
vsce package

Run Tests

cargo test

Privacy & Security

• All data stored locally in your workspace (agent_telemetry.db)
• No external servers
• You control when to clear data
• Add agent_telemetry.db to .gitignore

License

MIT

Project Structure

vscode-agent-monitor/
├── src/                    # Rust core modules
│   ├── security_scanner.rs
│   ├── telemetry_collector.rs
│   ├── storage_manager.rs
│   └── visualization_panel.rs
├── src-ts/                # TypeScript extension
│   ├── extension.ts
│   └── lspCapture.ts
├── examples/              # Rust CLI examples
├── tests/                # Rust tests
└── out/                  # Compiled TypeScript