Zcodee — AI Security Scanner for VS Code
AI-powered vulnerability scanner that analyzes your entire codebase and delivers a prioritized, actionable security report — directly inside VS Code.
Features
- One-click scan — Click "Run Scan" in the sidebar to analyze your open workspace
- AI-powered analysis — Deep multi-file vulnerability detection across 170+ CWE categories
- Streaming thinking UX — Watch the AI reason through your code in real-time with a hacker-themed analysis feed
- Inline results — Expand any finding to see the attack vector, impact, code snippet, and concrete fix suggestion
- Click-to-open — Jump directly to the vulnerable line in your editor
- Scan history — View all past scans and their risk scores
- Incremental scanning — Unchanged files are cached, so rescans are 70–90% faster
- Credit system — 5 free scans on signup, buy more credits or subscribe for unlimited
Getting Started
- Install the extension from the Marketplace
- Click the Zcodee shield icon in the Activity Bar
- Click Sign in — you'll be taken to the web app to create an account
- Open a project folder and click Run Scan
Extension Settings
| Setting | Default | Description |
|---|---|---|
| zcodee.apiUrl | https://api.zcodee.com | Backend API base URL |
| zcodee.webUrl | https://zcodee.com | Web app URL for sign-in |
Supported Languages
Java, Kotlin, Python, JavaScript, TypeScript, Go, Ruby, PHP, C#, Rust, Swift, C/C++, Scala, Groovy — plus config files like Dockerfile, YAML, Terraform, and .env.
How It Works
- The extension collects source files from your workspace (up to 300 files, max 1 MB each)
- Files are sent to the Zcodee backend over TLS for analysis
- The backend runs Semgrep static analysis first, then AI deep analysis on flagged/high-priority files
- Results are streamed back with severity rankings, attack vectors, and fix suggestions
- Your source code is not retained after analysis — only findings and file fingerprints are stored
Requirements
- A Zcodee account (free signup at zcodee.com)
- VS Code 1.85.0 or later
- Internet connection for backend communication
Pricing
| Plan | Price | Includes |
|---|---|---|
| Free | $0 | 5 scans/month, 25 files/scan |
| Pro | $15/mo | 200 credits/month, no file limit, PDF reports |
| Team | $35/mo | 600 credits, 5 seats, shared pool |
| Credits | From $2 | 10–300 credits, never expire |
Release Notes
1.0.0
- Initial production release
- Full real-time AI vulnerability analysis
- Streaming thinking phases with hacker-themed UX
- Interactive findings with click-to-open file navigation
- Scan history tracking
- Browser-based authentication flow
- Xentripay credit purchases
Built with ❤️ by Sicily Labs