Siphrix — VS Code extension
Surfaces the local Siphrix daemon inside VS Code. It is a thin,
security-conscious client over the daemon's loopback HTTP API — it
never executes an action, it only shows the daemon's decisions.
A packaged .vsix is built from this tree (npx @vscode/vsce package).
To install it locally without the Marketplace, see Install the .vsix
locally below. To publish it to the VS Code Marketplace, see
PUBLISHING.md.
What it gives you
- Status bar item — polls
GET /health and shows whether the
daemon is up ($(shield) Siphrix: up) or down ($(alert) Siphrix: down, with a hint to start it).
- Siphrix: Check Daemon Health — one-shot health check.
- Siphrix: Evaluate an Action — pick (or type) an action name,
POST /evaluate, and see the verdict (ALLOW / BLOCK / …) with its
reason and decision_id. Decision-only; nothing runs.
- Siphrix: Show Decision/Audit Trail —
GET /audit, rendered into
the Siphrix output channel.
- Siphrix: Block an Action (local rule) — pick an action type and a
text to match, and the extension creates a local block rule via
POST /rules. Future evaluations of that action whose command contains
the text are blocked locally.
- Siphrix: Manage Local Block/Allow Rules — list local rules and
switch each between BLOCK (enabled) and ALLOW (disabled) via
PUT /rules/{id}, or delete it. This is the Allow/Block control
surface over the daemon's rule store.
- Siphrix: Pause / Resume Monitoring — pause the extension's health
polling (the status bar shows a paused state). Honest scope: this
pauses the extension; the daemon's rules still apply to integrated
agents.
- Siphrix: Set / Clear Daemon Bearer Token — the bearer token is
stored in VS Code SecretStorage, never in
settings.json and
never logged. /health is public, so the status bar works before a
token is set; /evaluate and /audit require the token.
Settings
| Setting |
Default |
Notes |
siphrix.daemonUrl |
http://127.0.0.1:8765 |
Loopback only — the daemon rejects non-loopback binds. |
siphrix.healthPollSeconds |
15 |
Status-bar poll interval; 0 disables polling. |
Build & run from source
cd tools/vscode_extension
npm install
npm run compile # tsc -> out/extension.js
Then open tools/vscode_extension in VS Code and press F5 to launch
an Extension Development Host with the extension loaded.
Start the daemon it talks to (in another terminal):
siphrix serve --foreground
# prints one local_daemon_ready_v1 JSON line, then serves on 127.0.0.1:8765
If /evaluate / /audit return "needs a bearer token", set one with
Siphrix: Set Daemon Bearer Token (the token portion of your
SIPHRIX_LOCAL_DAEMON_TOKENS entry).
Install the .vsix locally
Build the package, then install it into your editor — no Marketplace
account required:
cd tools/vscode_extension
npm install
npx @vscode/vsce package --no-dependencies # -> siphrix-vscode-0.1.0.vsix
code --install-extension siphrix-vscode-0.1.0.vsix
(Or in VS Code: Extensions panel → … menu → Install from
VSIX… → pick the file.)
Posture
- Talks only to the loopback daemon URL you configure.
- Never executes an action —
/evaluate is decision-only.
- The bearer token lives in SecretStorage; it is never written to
settings, never logged, and never echoed.
- No telemetry, no external network calls.
