VS Code Extension
AI coding assistants read your open files, selections, and context to answer. SoterAI IDE Guard inspects that context on your machine — flagging secrets, PII, prompt-injection text, risky MCP tools, and dangerous terminal commands — before it is shared with Copilot, Cursor, Claude, or any AI model.
Runs locally in your editor. Secret, PII, prompt-injection, and MCP scanning happen on your machine before anything reaches an AI model.
Scan the current file, a selection, or the whole workspace for API keys, tokens, database URLs, and personal data. Detection runs in-process; nothing is uploaded to run a scan.
Check exactly what an assistant is about to see and redact sensitive spans before you send them, so credentials do not leave your editor by accident.
Inspect Model Context Protocol server configs and tool permissions, and flag over-broad or risky tool recommendations before you enable them.
Warn on destructive or exfiltration-prone shell commands (in warn or approval mode) before they run from an AI suggestion.
Keep a local record of what context AI saw during a session so you can review exposure after the fact.
Generate fake canary secrets, plant them in test files, and verify they never appear in logs, reports, or AI output.
Install and open a workspace
Add the extension from the VS Code Marketplace. All scanning defaults to local; cloud features are opt-in and disabled in untrusted workspaces.
Scan on demand or before a prompt
Run a scan of the file, selection, or workspace, or use “Scan Before AI Prompt” to review and redact context first.
Redact, approve, or block
Redact detected secrets, approve safe context for the session, or block risky context and MCP recommendations.
Review the ledger
Use the Memory Inspector and Access Ledger to see what AI saw and export a local report.
No security tool is perfect. Here is what this feature does not claim to do, so you can layer defenses appropriately.
No. Secret, PII, prompt-injection, and MCP scanning run locally in the extension host. Cloud connection and remote scan escalation are opt-in, disabled by default, and disabled entirely in untrusted workspaces.
Yes. The extension is editor-side. It scans and redacts the context you are about to share, and its optional Local AI Broker can sit in front of OpenAI- or Anthropic-compatible endpoints those tools use.
The extension is free to install and its local scanning works without an account. Team and enterprise policy sync are optional paid cloud features.
Install SoterAI IDE Guard and scan secrets, prompts, MCP tools, and terminal commands locally before they ever reach an AI model.
Install for VS Code