Sentry-Box AI

Navadeep Boyana

Free
AI-powered Python package security scanner with sandbox analysis

Sentry-Box AI — VS Code Extension

Detect malicious Python packages using AI-powered sandbox detonation, right from your editor.

Features

  • 🔍 One-command scan — Run Sentry-Box: Scan Python Package from the command palette
  • 🤖 AI-powered analysis — Uses Google Gemini to generate test scripts and analyze behavior
  • 🐳 Docker sandbox — Packages are detonated inside an isolated container with isolate
  • 🛡️ Clear verdicts — SAFE ✅ / BLOCKED 🚫 with risk scores and detailed transcripts
  • 📊 Full transcript — View the complete detonation log in the Output panel

Installation

From VSIX file (local install)

    # Build the VSIX
    cd vscode-extension
    npm install
    npm run compile
    npm run package

    # Install in VS Code
    code --install-extension sentry-box-ai-0.1.0.vsix

Prerequisites

  1. Sentry-Box FastAPI server must be running:

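    cd /path/to/sentry-box
    source .venv/bin/activate
    # --host 0.0.0.0 listens on every network interface; 127.0.0.1 is enough for the default http://localhost:8000
    uvicorn service.main:app --host 0.0.0.0 --port 8000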
    
  2. Docker must be installed and running (for sandbox detonation).

Configuration

Open VS Code Settings (Cmd+, / Ctrl+,) and search for Sentry-Box:

Setting             Default                  Description
sentryBox.apiUrl    http://localhost:8000    URL of the FastAPI server
sentryBox.apiToken  (empty)                  API token for X-API-KEY header
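
A pre-flight check for the two settings above, as an added example that is not part of the extension's code: it flags configurations where the X-API-KEY token would leave the machine over plain HTTP. The function name and the shape of the settings object are assumptions made for illustration.

```javascript
// Added example; checkSentryBoxConfig is a hypothetical helper, not extension code.
const LOOPBACK = new Set(["localhost", "127.0.0.1", "[::1]"]);

function checkSentryBoxConfig(settings) {
  // Defaults taken from the settings table above.
  const apiUrl = settings["sentryBox.apiUrl"] || "http://localhost:8000";
  const token = settings["sentryBox.apiToken"] || "";
  const findings = [];

  let url;
  try {
    url = new URL(apiUrl);
  } catch {
    return { ok: false, findings: ["apiUrl is not a valid URL"], headers: {} };
  }
  // "localhost:8000" parses as scheme "localhost:", so check the scheme explicitly.
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, findings: [`unsupported scheme ${url.protocol}`], headers: {} };
  }
  if (url.username || url.password) {
    findings.push("credentials embedded in apiUrl; use sentryBox.apiToken instead");
  }
  const loopback = LOOPBACK.has(url.hostname);
  if (!loopback && url.protocol === "http:" && token) {
    findings.push("X-API-KEY would cross the network in cleartext; use https");
  }
  if (!loopback && !token) {
    findings.push("remote server configured without an API token");
  }
  // Attach the header only when a token is set.
  const headers = token ? { "X-API-KEY": token } : {};
  return { ok: findings.length === 0, findings, headers, origin: url.origin };
}
```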

Usage

  1. Open the Command Palette (Cmd+Shift+P / Ctrl+Shift+P)
  2. Type Sentry-Box: Scan Python Package
  3. Enter a package name (e.g., requests, flask, numpy)
  4. Wait for the scan to complete (typically 30–90 seconds)
  5. View the verdict notification and full transcript in the Output panel

How It Works

VS Code Extension
    │
    ▼
FastAPI Server (localhost:8000)
    │
    ├─── Gemini AI generates test script
    ├─── Docker sandbox detonates package
    │      └── isolate (Linux namespaces)
    ├─── Wiretap captures behavior
    └─── Gemini AI analyzes telemetry
            │
            ▼
      SAFE ✅ or BLOCKED 🚫

Development

    cd vscode-extension
    npm install
    npm run watch    # Auto-compile on change
    # Press F5 in VS Code to launch Extension Development Host

License

MIT
