QuantumGenie Crypto Scanner

QuantumGenie Crypto Scanner is a Visual Studio Code extension for inline cryptography security scanning, weak encryption detection, and post-quantum cryptography readiness checks in source code.

It is designed to help developers spot risky cryptography usage directly in the editor before code reaches pull requests, CI pipelines, or production environments.

What It Detects Today

The current MVP highlights high-signal crypto weaknesses such as:

• MD5
• SHA-1
• DES
• 3DES
• RC4
• AES-ECB
• deprecated Node crypto APIs
• possible hardcoded key material
• possible short RSA key usage
• potential insecure randomness usage in Python

Findings show up in:

• inline editor diagnostics
• the VS Code Problems panel
• a manual command:
  • QuantumGenie: Scan Active File

Why Developers Would Install It

This extension is meant for teams that care about:

• cryptography linting
• secure coding
• encryption review
• crypto-agility
• post-quantum migration readiness
• identifying weak legacy crypto before it spreads further into the codebase

Languages In Scope

Current MVP coverage targets:

• JavaScript
• TypeScript
• Python
• Java
• Go
• C#

Roadmap

The long-term plan is one shared QuantumGenie detection engine across:

• VS Code extension diagnostics
• GitHub pull request and CI checks
• GitLab merge request and pipeline checks

Planned improvements include:

• AST-backed analysis instead of regex-only matching
• workspace scanning
• remediation links and quick fixes
• policy-based organization rules
• optional QuantumGenie API-backed deep analysis

Local Development

1. Open this folder in VS Code:
   • tools/vscode-quantumgenie
2. Install dependencies:

   npm install
   

3. Press F5 to launch an Extension Development Host.
4. Open a file with insecure cryptography usage and look for diagnostics.

Marketplace Notes

Marketplace discovery is influenced by your extension metadata, README content, installs, ratings, and publisher trust. This README is intentionally written to help discovery for searches such as:

• cryptography
• crypto scanner
• weak encryption
• post quantum cryptography
• security linting
• encryption security

Publishing

See PUBLISHING.md for the exact steps to:

• create a Marketplace publisher
• generate the Personal Access Token
• build the first .vsix
• publish to the Visual Studio Marketplace