HoundDog.ai Privacy-by-Design Code Scanner

This extension integrates with the HoundDog.ai Privacy by Design Code Scanner, a lightweight and ultra fast source code analysis tool designed to embed privacy into every stage of development. It discovers third party and AI integrations, including shadow AI, detects exposures of Personally Identifiable Information (PII), Protected Health Information (PHI), and authentication tokens in LLM prompts and other often overlooked surfaces such as logs, files, and third party SDKs, and blocks unapproved data types before any code reaches production.

Features

Workspace-wide scanning: Scans your entire open workspace to detect vulnerabilities where sensitive data (e.g., PII/PHI) is exposed in plaintext within logs, files, cookies, tokens, and third-party integrations (e.g., Datadog, Sentry, Segment, etc.). Here is a sample of the vulnerability types covered by HoundDog.ai:
- CWE-201: Information Exposure Through Sent Data
- CWE-209: Information Exposure Through an Error Message
- CWE-312: Cleartext Storage of Sensitive Information
- CWE-313: Cleartext Storage in a File or on Disk
- CWE-315: Cleartext Storage of Sensitive Information in a Cookie
- CWE-532: Insertion of Sensitive Information into Log File
- CWE-539: Use of Persistent Cookies Containing Sensitive Information
Problem integration: Displays the detected vulnerabilities directly in the "Problems" panel, making it easier to track and address issues.
Remediation strategies: Provides recommendations on how to fix PII leaks, including omitting the exposed data or sanitizing it before exposure (e.g., masking, encryption, obfuscation, etc.).

Extension showcase

extension showcase

Requirements

To use this extension, you need the following:

HoundDog.ai Privacy by Design Code Scanner CLI: Ensure the HoundDog.ai Privacy by Design Code Scanner CLI is installed and accessible in your system's PATH. Please follow these guidelines to install the scanner: https://docs.hounddog.ai/scanner/installation

Extension Settings

The extension adds the following configurable settings:

houndDogScanner.enableDataElements: Toggle the inventory of sensitive data elements found in your workspace. Enabled by default for comprehensive scans but can be disabled for faster performance.
Default keybind: ctrl+shift+h

Release Notes

Please refer to the CHANGELOG.

Issues

For reporting bugs or viewing current issues, visit our Issues page. Please use the label vscode-extension.

Discussions

Join ongoing conversations or start new topics on our Discussions page.