🛡️ VibeSecPro

Real-time security guardrails for the Vibe Coding generation.

VibeSecPro is a professional grade VS Code extension designed for developers who move at light-speed with AI-generated code (Cursor, Claude, ChatGPT). It acts as an active, zero-latency guardrail, detecting security vulnerabilities at creation time—right when you paste or save code.

🚀 Why VibeSecPro?

Vibe coders move fast. We paste large blocks of AI-generated code and ship. But AI often hallucinations security: hardcoded secrets, SQL injections, and dangerous function calls are common. VibeSecPro ensures you don't trade speed for security by catching these risks inside your editor.

✨ Key Features

⚡ Instant AI Paste Detection

Monitors your editor for large insertions (AI blocks). Detections happen in milliseconds—before you even hit save.

� Security Hub Dashboard

A centralized dashboard to monitor your project's security health.

• Global Overview: Real-time stats on Critical, High, and Medium issues.
• Interactive Navigation: Click any issue to jump directly to the vulnerable line.
• Markdown Export: Export filtered reports to feed back into your AI for remediation.

🖱️ Activity Bar Sidebar

Access everything with one click. Our secondary sidebar provides quick access to the Security Hub and full workspace scans.

💡 One-Click Quick Fixes

Don't just find security debt—vibe your way out of it. Use "Fix with VibeSecPro" to automatically replace insecure patterns with protected alternatives.

💻 Professional CLI

Audit your code from the terminal and CI/CD pipelines. Same rules, same engine, same protection.

🛠️ Installation

VS Code Marketplace

1. Search for VibeSecPro in the Extensions view.
2. Click Install.

Manual (.VSIX)

1. Download the latest vibesecpro-v1.2.2.vsix from Releases.
2. In VS Code, run Extensions: Install from VSIX... from the Command Palette (cmd+shift+p).

📖 How to Use

In the Editor

• Squiggles: Vulnerabilities are highlighted with red/yellow squiggles immediately.
• Quick Fix: Hover over a squiggle and select "Fix with VibeSecPro" (cmd+.).
• Sidebar: Click the 🛡️ icon in your Activity Bar to open the Security Hub.

In the Terminal

# Install and link globally
npm install && npm run build
npm link

# Scan your project
vibesec scan .

🛡️ Security Rules

VibeSecPro covers 200+ security patterns across:

• Secrets: OpenAI, AWS, Supabase, Firebase, RSA keys, JWT secrets.
• Injections: SQLi, NoSQLi, XSS, and AI Prompt Injection.
• Dangerous Fn: eval(), child_process.exec(), pickle.loads().
• Auth & Crypto: Weak hashing (MD5/SHA1), insecure random numbers.

See RULES.md for the full detailed documentation.

🌍 Supported Languages

• JavaScript / Node.js
• TypeScript
• Python

🛠️ Developed By

• Lead Developer: devpreshy (@HonoredOnly)
• GitHub: Preshy

Built for the Vibe Coding Era. Stop shipping hallucinations, start shipping secure code.