Skip to content
| Marketplace
Sign in
Visual Studio Code>Linters>SoterAI IDE Guard — Local AI SecurityNew to Visual Studio Code? Get it now.
SoterAI IDE Guard — Local AI Security

SoterAI IDE Guard — Local AI Security

Preview

SoterAI

|
1 install
| (0) | Free
Protect secrets, prompts, MCP tools, terminal commands, and AI coding context locally before they reach AI.
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

SoterAI IDE Guard

Local-first AI security guard for VS Code. SoterAI IDE Guard scans your code, selections, terminal commands, git changes, and AI prompts for secrets, PII, prompt-injection, and insecure AI-generated code — entirely on your machine. Nothing leaves your computer unless you explicitly connect to SoterAI Cloud.

Features

  • Scan Current File / Selection / Workspace — detect leaked secrets, PII, and risky patterns with a redacted, evidence-minimized report.
  • Redact Selection for AI — copy a safe, redacted version of your selection to the clipboard before pasting it into an AI assistant. Raw secrets are never copied — a fail-closed safety net masks anything the detectors miss.
  • Scan Before AI Prompt — paste a prompt, scan it locally, and get an allow / redact / block verdict plus a safe prompt to copy.
  • Scan Git Changes — scan your staged + unstaged diff for secrets and flag sensitive files (.env, *.pem, *.key, credentials) before you commit.
  • Check Terminal Command — flag destructive or remote-exec shell commands.
  • Review Selected AI Code — surface likely vulnerabilities (SQL injection, etc.) in AI-generated code in a hardened webview.
  • Configure Policy — pick local / team / enterprise mode, thresholds, cloud, and telemetry level from a QuickPick.
  • Security Dashboard — risk score, latest findings, and cloud sync status.

Additional v0.2 local controls:

  • Local AI Broker — authenticated loopback-only OpenAI/Anthropic-compatible routing with request/response scanning, redaction, and canary blocking.
  • AI Safe Mode — Developer, Strict, and Enterprise protection overlays for SoterAI-routed workflows.
  • AI Memory Inspector — hashes, decisions, redacted evidence, and file metadata showing what SoterAI brokered or built for AI.

Privacy & Security

  • Local-first. All detection and redaction runs locally in the extension host.
  • No raw secrets leave the extension. redactedText, clipboard output, the local hash cache, telemetry events, logs, webviews, and exported reports are all guaranteed free of raw secret material (canary-tested — see docs/ide-guard-privacy-canary-report.md).
  • Redacted, opt-in telemetry only. Off by default; when enabled, only minimized, redacted event metadata is queued — never content or tokens.
  • Cloud tokens are stored in VS Code SecretStorage, never logged.

Workspace Trust

The extension declares limited untrusted-workspace support:

Capability Trusted workspace Restricted (untrusted)
Local scanning & redaction ✅ ✅
Cloud connect / token storage ✅ 🚫 disabled
Remote scan escalation ✅ 🚫 disabled

Local scanning always works; cloud/token/remote features are gated behind a trusted workspace and surfaced clearly in the dashboard.

Commands

SoterAI: Scan Current File, Scan Selection, Scan Workspace Risk, Redact Selection for AI, Scan Before AI Prompt, Scan Git Changes, Check Terminal Command, Review Selected AI Code, Configure Policy, Open Security Panel, Connect to / Disconnect Cloud, Export Local Risk Report.

Development

npm run typecheck   # tsc --noEmit
npm run lint        # eslint
npm run test        # node --test (static manifest/contract tests)
npm run bundle      # extension + standalone local broker bundles
npm run package     # bundle + vsce package -> .vsix

The extension is bundled with esbuild into a single dist/extension.js (with @soterai/guard-core inlined) so the packaged VSIX stays small and never follows the symlinked monorepo.

License

See LICENSE (Business Source License 1.1). © SoterAI.

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2026 Microsoft