BUGGER Scanner (VS Code Extension)

HTML vulnerability scanner for VS Code. Find XSS risks, insecure forms, missing headers — with fixes and OWASP/CWE links.

Prerequisites

Install the BUGGER CLI:

pip install bugger-scanner

Command	Description
BUGGER: Scan current file	Scan the active HTML/JS/CSS file
BUGGER: Scan folder	Scan all HTML/JS/CSS files in the workspace
BUGGER: Fix current file	Auto-fix target=_blank, charset issues

Setting	Default	Description
`bugger.scanOnSave`	`false`	Run scan when saving HTML/JS/CSS files
`bugger.buggerPath`	`bugger`	Path to bugger CLI

Open an HTML, JS, or CSS file
Run BUGGER: Scan current file from the Command Palette (Ctrl+Shift+P / Cmd+Shift+P)
Findings appear in the Problems panel with severity (Error=HIGH, Warning=MED, Info=LOW)
Use BUGGER: Fix current file to auto-fix supported issues