> ## Documentation Index
> Fetch the complete documentation index at: https://docs.promptguard.co/llms.txt
> Use this file to discover all available pages before exploring further.

# VS Code Extension

> See unprotected LLM calls directly in your editor

<Info>
  The PromptGuard VS Code extension highlights unprotected LLM SDK calls in your code and provides quick fixes to add protection.
</Info>

## Installation

### From VS Code Marketplace

1. Open VS Code
2. Go to **Extensions** (Cmd/Ctrl + Shift + X)
3. Search for **"PromptGuard"**
4. Click **Install**

### From Command Line

```bash theme={"system"}
code --install-extension promptguard.promptguard-vscode
```

### From VSIX

Download from [GitHub Releases](https://github.com/promptguard/vscode/releases):

```bash theme={"system"}
code --install-extension promptguard-vscode-0.2.1.vsix
```

## Features

### Inline Diagnostics

Unprotected LLM calls are highlighted with squiggly underlines:

* **Red** (Error): Unprotected calls in production code
* **Yellow** (Warning): Calls in potentially sensitive files
* **Blue** (Info): Protected calls (informational)

### Hover Information

Hover over a highlighted call to see:

* Provider name (OpenAI, Anthropic, etc.)
* Whether it's protected
* Link to fix or learn more

### Quick Fixes

Click the lightbulb or press `Cmd/Ctrl + .` to see fixes:

| Fix                        | Description                |
| -------------------------- | -------------------------- |
| **Add promptguard.init()** | Initialize SDK at file top |
| **Wrap with GuardClient**  | Use direct scanning        |
| **Add to ignore list**     | Suppress this finding      |
| **Open documentation**     | Learn more                 |

### Problems Panel

All findings appear in the **Problems** panel (Cmd/Ctrl + Shift + M):

```
src/api/chat.py
  ⚠ Line 45: Unprotected OpenAI call (promptguard)
  ⚠ Line 89: Unprotected OpenAI call (promptguard)

src/agents/helper.ts
  ⚠ Line 23: Unprotected Anthropic call (promptguard)
```

### Status Bar

The status bar shows protection status:

* **Protected** -- All LLM calls are secured
* **3 unprotected** -- Click to see findings
* **Scanning...** -- Analysis in progress

## Configuration

### Settings

Open **Settings** (Cmd/Ctrl + ,) and search for "PromptGuard":

| Setting                  | Default          | Description               |
| ------------------------ | ---------------- | ------------------------- |
| `promptguard.enable`     | `true`           | Enable/disable extension  |
| `promptguard.scanOnSave` | `true`           | Scan when file is saved   |
| `promptguard.scanOnOpen` | `true`           | Scan when file is opened  |
| `promptguard.severity`   | `warning`        | Diagnostic severity level |
| `promptguard.exclude`    | `["**/test/**"]` | Glob patterns to exclude  |

### settings.json

```json theme={"system"}
{
  "promptguard.enable": true,
  "promptguard.scanOnSave": true,
  "promptguard.severity": "error",
  "promptguard.exclude": [
    "**/test/**",
    "**/tests/**",
    "**/*.test.ts",
    "**/*_test.py"
  ]
}
```

### Workspace Settings

Create `.vscode/settings.json` in your project:

```json theme={"system"}
{
  "promptguard.exclude": [
    "**/fixtures/**",
    "**/mocks/**"
  ]
}
```

## Commands

Access via Command Palette (Cmd/Ctrl + Shift + P):

| Command                             | Description                 |
| ----------------------------------- | --------------------------- |
| **PromptGuard: Scan Current File**  | Scan the active file        |
| **PromptGuard: Scan Workspace**     | Scan all files in workspace |
| **PromptGuard: Initialize Project** | Run `promptguard init`      |
| **PromptGuard: Show All Findings**  | Open findings panel         |
| **PromptGuard: Clear Diagnostics**  | Remove all highlights       |

## Supported Languages

| Language   | File Extensions       |
| ---------- | --------------------- |
| Python     | `.py`                 |
| JavaScript | `.js`, `.mjs`, `.cjs` |
| TypeScript | `.ts`, `.mts`, `.cts` |
| JSX        | `.jsx`                |
| TSX        | `.tsx`                |

## Supported Providers

The extension detects calls to:

* OpenAI
* Anthropic
* Google AI (Gemini)
* Cohere
* AWS Bedrock
* Azure OpenAI
* Mistral
* Groq

## Ignoring Findings

### Inline Comment

```python theme={"system"}
# promptguard-ignore: intentionally unprotected
response = client.chat.completions.create(...)
```

```typescript theme={"system"}
// promptguard-ignore: test fixture
const response = await openai.chat.completions.create(...);
```

### File-level Ignore

```python theme={"system"}
# promptguard-ignore-file
# This entire file is ignored by PromptGuard
```

### Via Settings

Add to `promptguard.exclude`:

```json theme={"system"}
{
  "promptguard.exclude": [
    "**/legacy/**",
    "src/deprecated.py"
  ]
}
```

## Integration with CLI

The extension uses the same detection engine as the CLI. If you have the CLI installed, the extension will use it for scanning:

```bash theme={"system"}
# Install CLI for better performance
brew install promptguard/tap/promptguard
```

Without the CLI, the extension uses a built-in scanner.

## Troubleshooting

<AccordionGroup>
  <Accordion title="Extension not activating">
    **Check**:

    * Is the file a supported language (.py, .ts, .js)?
    * Is `promptguard.enable` set to `true`?

    **Try**:

    * Reload window: Cmd/Ctrl + Shift + P → "Reload Window"
    * Check Output panel for errors: View → Output → PromptGuard
  </Accordion>

  <Accordion title="Findings not showing">
    **Check**:

    * Is the file excluded in settings?
    * Does the file have LLM SDK imports?

    **Try**:

    * Run "PromptGuard: Scan Current File" manually
    * Check the Problems panel (Cmd/Ctrl + Shift + M)
  </Accordion>

  <Accordion title="Too many findings / false positives">
    **Solutions**:

    * Add test directories to `promptguard.exclude`
    * Use `# promptguard-ignore` comments
    * Lower severity to `information`
  </Accordion>

  <Accordion title="Performance issues">
    **Solutions**:

    * Disable `scanOnSave` for large projects
    * Add `node_modules`, `.venv` to exclude list
    * Install CLI for faster native scanning
  </Accordion>
</AccordionGroup>

## Telemetry

The extension collects anonymous usage data to improve the product:

* Extension activation events
* Command usage counts
* Error reports (no code content)

Disable in settings:

```json theme={"system"}
{
  "promptguard.telemetry": false
}
```

Or use VS Code's global telemetry setting:

```json theme={"system"}
{
  "telemetry.telemetryLevel": "off"
}
```

## Changelog

### v0.2.1 (February 2026)

* Added AWS Bedrock provider detection
* Improved TypeScript parsing
* Fixed false positives in JSX

### v0.2.0 (January 2026)

* Quick fix actions
* Status bar indicator
* Workspace scanning

### v0.1.0 (December 2025)

* Initial release
* Python and JavaScript support
* Inline diagnostics

## Contributing

The extension is open source:

* **Repository**: [github.com/promptguard/vscode](https://github.com/promptguard/vscode)
* **Issues**: Report bugs or request features
* **Pull Requests**: Contributions welcome

## Next Steps

<CardGroup cols={2}>
  <Card title="CLI Tool" icon="terminal" href="/tools/cli">
    Scan from command line
  </Card>

  <Card title="GitHub Scanner" icon="github" href="/tools/github-scanner">
    Automated CI scanning
  </Card>

  <Card title="Python SDK" icon="python" href="/guides/python-sdk">
    Runtime protection
  </Card>

  <Card title="Node.js SDK" icon="node-js" href="/guides/node-sdk">
    JavaScript protection
  </Card>
</CardGroup>
