TitanShield Security 🛡️

AI-powered security scanner for VS Code — real-time vulnerability detection with CWE classification, auto-fix suggestions, and workspace-wide scanning.

Features

🔍 Real-Time Scanning

Automatically scans files on save and flags vulnerabilities with squiggles
Red squiggles for Critical/High, yellow for Medium/Low
Status bar shows live finding count: ⚠ 3 findings (red) or ✓ Clean (green)

🎯 What It Detects

Category	Examples
Secrets	Hardcoded passwords, API keys, tokens
Injection	SQL injection, command injection, eval() abuse
Crypto	Weak randomness (`Math.random`), weak algorithms
XSS	`innerHTML` with user input
Path Traversal	`fs.readFile` with request data
Auth	JWT decoded (not verified)

📋 Scan Options

Trigger	Scope
Auto (on save)	Current file
`⌘⇧P` → Scan Current File	Active editor tab
`⌘⇧P` → Scan Open Files	All open tabs
Right-click folder → TitanShield: Scan Folder	Selected folder
`⌘⇧P` → Scan Workspace	Entire project

📊 Output Channel

Open View → Output → TitanShield to see a detailed log with clickable file links that jump to the exact flagged line:

📁 Scanning folder "services" — 3 files found
▶ Scanning services/QuantumVerificationService.js…
  🟡 /path/services/QuantumVerificationService.js:269:1: [MEDIUM] Weak randomness — CWE-338
  ↳ 1 finding | Grade: C/B

💡 Quick Fix

Hover over any squiggle and press ⌘. to:

⚡ Apply fix — auto-patches the vulnerable line
🎓 Explain — shows the CWE description + link to MITRE

Requirements

VS Code ^1.85.0
Internet connection (scans via TitanShield Cloud API)

Extension Settings

Setting	Default	Description
`titanshield.apiEndpoint`	`https://us-central1-titanshield-ai.cloudfunctions.net`	Backend API URL
`titanshield.minSeverity`	`medium`	Minimum severity to report (`low`, `medium`, `high`, `critical`)
`titanshield.scanOnSave`	`true`	Auto-scan on file save
`titanshield.privacy`	`true`	Strip identifiers before sending to API

Configure via ⌘, → search "TitanShield".

Supported Languages

TypeScript · JavaScript · Python · Go · Java · Rust · C/C++ · PHP · Ruby

About

Built by TitanShield AI — enterprise security intelligence for development teams.
🌐 titanshield.ai