Documentation
Quick Start
Get CodeSentinel scanning your code in under 5 minutes.
This guide gets the VS Code plugin installed and scanning within minutes. No account required to start.
Step 1 — Install the VS Code extension
Open VS Code, then press ⌘ ⇧ X (macOS) or Ctrl Shift X (Windows/Linux) to open the Extensions panel. Search for CodeSentinel and click Install, or run the command below in the integrated terminal:
bash
code --install-extension codesentinel.vscodeStep 2 — Sign in with GitHub
After installation, a sign-in prompt appears in the bottom status bar. Click Sign in with GitHub and complete the OAuth flow in your browser. This links your extension to a CodeSentinel account (created automatically on first sign-in).
No sign-in required for local scanning
You can skip sign-in and still get local vulnerability scanning. Sign-in is only required to sync settings, access AI fix suggestions on Pro plans, and connect to the GitHub App.
Step 3 — Open a file
Open any JavaScript, TypeScript, or Python file. CodeSentinel begins scanning immediately. Within milliseconds you will see coloured underlines on any detected issues.
What you'll see
Red left-border lines for Critical severity issues.
Amber left-border lines for High severity.
Teal left-border lines for Medium severity.
A tooltip on hover with the vulnerability name, explanation, and fix options.
The Issues panel (
⌘ ⇧ P→ CodeSentinel: Show Issues) listing all findings.
Apply your first fix
Hover over a highlighted line and click + Apply AI fix in the tooltip, or place your cursor on the line and press ⌘ .. A diff preview opens — review the change and press Apply to accept it.
Next step
Install the GitHub App to protect your repository from insecure pull requests.