Qualysec Source Code Scanner

AI-powered security vulnerability scanner for VS Code. Detect OWASP Top 10 vulnerabilities, get one-click AI fix suggestions, and export professional PDF security reports — without leaving your editor.

Features

Scan Project — Upload your workspace, scan all source files for security vulnerabilities
Scan Current File — Instantly scan the file you are editing
Inline Diagnostics — Issues appear as squiggles and in the Problems panel
AI Fix Suggestions — Click the lightbulb on any finding to apply an AI-generated fix
Security Chat — Ask the AI assistant about any vulnerability or code snippet
PDF Report Export — Download a professional PDF security report for any scan
Scan History — Re-download PDF reports for any previous scan

Requirements

An active Qualysec account (sign in via the web app)
Internet connection to reach the Qualysec backend

Getting Started

Install the extension
Click the Qualysec shield icon in the Activity Bar
Click Sign In and complete sign-in in your browser
Click Scan Project to run your first scan

Extension Settings

Setting	Default	Description
`codeSentinel.webAppUrl`	`https://codescanner.qualysec.com`	Qualysec backend URL
`codeSentinel.autoScanOnSave`	`false`	Auto-scan the active file on every save

Supported Languages

TypeScript, JavaScript, Python, PHP, Java, Go, Rust, Ruby, C, C++, C#, Swift, Kotlin, Shell, YAML, SQL, and more.

Privacy

Code is sent to the Qualysec backend for analysis. Please review the Qualysec Privacy Policy before use.

Qualysec AI Security Scanner

Qualysec Source Code