Scan AI agent code for security vulnerabilities directly in VS Code. Inline diagnostics for OWASP ASI Top 10 vulnerabilities.
- Download
agentguard-0.1.0.vsixfrom Releases - In VS Code: Extensions -> menu -> "Install from VSIX..."
- Select the downloaded file
git clone https://github.com/dockfixlabs/agentguard-vscode
cd agentguard-vscode
npm install
npx vsce package
# Install the generated .vsix file in VS Code- Scan current file - Right-click -> "AgentGuard: Scan Current File"
- Scan entire workspace - Command palette -> "AgentGuard: Scan Workspace"
- Inline diagnostics - Findings appear as squiggly underlines in your editor
- Findings tree view - All findings in the AgentGuard sidebar panel
- Scan on save - Optional automatic scanning on file save
- 10 OWASP ASI rules - Prompt injection, tool abuse, data exfiltration, and more
- Severity colors - Critical (red), High (orange), Medium (yellow), Low (blue)
pip install dfx-agentguard- Open a Python/JavaScript/TypeScript file with AI agent code
- Run "AgentGuard: Scan Workspace" from the command palette (
Ctrl+Shift+P) - View findings as inline diagnostics + in the sidebar tree view
- Click any finding to jump to the source location
| Setting | Default | Description |
|---|---|---|
agentguard.minSeverity |
MEDIUM |
Minimum severity to report |
agentguard.scanOnSave |
false |
Auto-scan on file save |
agentguard.pythonPath |
python |
Python executable path |
Python, JavaScript, TypeScript, JSX/TSX, Ruby, Go, Rust, Bash, YAML, JSON, TOML
MIT