SafeKeyLab for VS Code
Protect your code from accidental PII exposure and prompt injection attacks with SafeKeyLab's VS Code extension.
Features
PII Detection
Real-time scanning of your code and text files for personally identifiable information (PII):
- Email addresses - Detects email patterns in your code
- Phone numbers - US and international formats
- Social Security Numbers - SSN patterns with high accuracy
- Credit card numbers - Major card formats (Visa, Mastercard, Amex, Discover)
- API keys and secrets - Common API key patterns and secret tokens
- AWS Access Keys - AWS credential detection
- Private keys - RSA, EC, and other private key formats
- JWT tokens - JSON Web Token detection
- IP addresses - IPv4 address detection
- Dates of birth - DOB patterns in various formats
- Passport and driver's license numbers - Common ID document patterns
Prompt Security
Analyze text for prompt injection risks before sending to LLMs:
- Instruction override attempts - Detects "ignore previous instructions" patterns
- Role hijacking - "You are now..." and similar patterns
- System prompt extraction - Attempts to leak system prompts
- Known jailbreaks - DAN, STAN, and other common jailbreak patterns
- Delimiter injection - Special tokens that manipulate conversation structure
- Base64 obfuscation - Encoded payloads that may hide malicious content
- Context manipulation - Attempts to reset or manipulate conversation context
- Unicode tricks - Hidden characters that may conceal content
Status Bar Integration
Always-visible protection status in your VS Code status bar:
- Shows current protection status
- Displays count of detected issues
- Quick access to scan commands
Commands
Access these commands via the Command Palette (Ctrl+Shift+P / Cmd+Shift+P):
| Command |
Description |
SafeKeyLab: Scan File for PII |
Manually scan the current file for PII |
SafeKeyLab: Check Prompt Security |
Analyze selected text for prompt injection risks |
SafeKeyLab: Redact PII in Selection |
Replace detected PII with redacted placeholders |
Configuration
Configure the extension in VS Code Settings (Ctrl+, / Cmd+,):
| Setting |
Type |
Default |
Description |
safekeylab.apiKey |
string |
"" |
API key for enhanced SafeKeyLab detection. Leave empty for offline mode. |
safekeylab.enableRealTimeScanning |
boolean |
true |
Enable real-time PII scanning as you type |
safekeylab.highlightPII |
boolean |
true |
Highlight detected PII in the editor |
Offline vs API Mode
Offline Mode (Default)
The extension works out of the box with local pattern matching:
- No API key required
- All processing happens locally
- Fast, real-time detection
- Pattern-based detection for common PII types
API Mode (Enhanced)
With a SafeKeyLab API key, you get enhanced detection:
- Machine learning-powered detection
- Higher accuracy and fewer false positives
- Detection of context-aware PII
- Additional PII types and patterns
- Continuous updates to detection capabilities
Get your API key at safekeylab.com
Usage Examples
Scanning for PII
- Open any file in VS Code
- Real-time scanning happens automatically (if enabled)
- PII issues appear in the Problems panel with detailed descriptions
- Use
SafeKeyLab: Scan File for PII for a manual scan with summary
Checking Prompt Security
- Select text containing a prompt or LLM input
- Right-click and select "SafeKeyLab: Check Prompt Security"
- Or use the Command Palette:
SafeKeyLab: Check Prompt Security
- View detailed results in the output panel
Redacting PII
- Select text containing PII
- Right-click and select "SafeKeyLab: Redact PII in Selection"
- PII will be replaced with redacted placeholders (e.g.,
j**************n for john@example.com)
Right-click in the editor to access:
- Check Prompt Security - When text is selected
- Redact PII in Selection - When text is selected
Diagnostic Severity Levels
- Error (Red) - Critical PII: SSN, credit cards, API keys, private keys, AWS keys
- Warning (Yellow) - Sensitive PII: emails, phone numbers, JWT tokens, DOB
- Information (Blue) - Potentially sensitive: IP addresses
Requirements
- VS Code 1.85.0 or higher
- Node.js 18+ (for API mode)
Installation
From VS Code Marketplace
- Open VS Code
- Go to Extensions (
Ctrl+Shift+X / Cmd+Shift+X)
- Search for "SafeKeyLab"
- Click Install
From VSIX
- Download the
.vsix file
- Open VS Code
- Go to Extensions
- Click the
... menu and select "Install from VSIX..."
- Select the downloaded file
Privacy
- Offline mode: All processing happens locally. No data leaves your machine.
- API mode: Only the text being analyzed is sent to SafeKeyLab servers. We do not store or log your code.
Support
License
MIT License - see LICENSE for details.
Made with security in mind by SafeKeyLab
