VibeSec brings AI-powered security scanning directly to your VS Code editor. Scan your codebase for real vulnerabilities, exposed secrets, and security issues before they ship.
Features
AI-Powered Scanning: Advanced static analysis using AI and Semgrep to detect real vulnerabilities
Instant Security Reports: Human-readable AI-generated reports with clear fix instructions
Private & Public Repos: Secure scanning for both public and private GitHub repositories
No Setup Required: Connect your repo with a token and start scanning in seconds
Developer-Focused: Built for developers, not compliance officers
How It Works
Connect Your Repo: Securely link your GitHub repository using a token
Run AI-Powered Scan: Analyze your code for exposed secrets, insecure patterns, and known vulnerabilities
Get Instant Report: Download detailed security reports with risk levels and actionable fixes
What VibeSec Detects
Exposed secrets and API keys
Insecure coding patterns
Known vulnerabilities in dependencies
Security misconfigurations
Bad practices that lead to security issues
Requirements
GitHub repository access
Installation
Install the extension from the VS Code Marketplace
Open Command Palette (Ctrl+Shift+P / Cmd+Shift+P)
Why VibeSec?
Real Vulnerability Detection: We audit your code, not just lint it
AI-Generated Insights: Understand what's wrong, why it matters, and how to fix it
Zero False Alarms: Surgical precision in vulnerability detection
Developer-Friendly Reports: No security expertise required to understand results
Coming Soon
One-Click Fix (Pro Tier): Automatically patch common vulnerabilities with a single click
