Aegis is a lightweight VS Code extension that analyzes PHP source code in real time for critical security vulnerabilities such as SQL Injection and AI Prompt Injection.
Features
Real-time Static Analysis: Scans your PHP files instantly upon saving or modifying code.
Prompt Injection Defense: Detects potentially vulnerable LLM prompt compositions paired with unsanitized user inputs ($_GET, $_POST).
One-Click Quick Fixes (Code Actions): Press Ctrl + . on any highlighted warning to automatically secure your queries with PDO Prepared Statements or sanitize prompt inputs using htmlspecialchars.
Installation (Local VSIX)
Download the .vsix package.
Open VS Code, go to the Extensions tab (Ctrl + Shift + X).
Click on the three dots (...) in the top right corner of the extensions panel.
Select Install from VSIX... and choose the aegis-0.0.1.vsix file.