VS Code Extension
The Cybrium VS Code extension brings real-time security scanning directly into your editor — powered by cyscan with 1,067 rules across 19 languages.
Install
Search "Cybrium" in the VS Code Extensions panel, or:
code --install-extension cybrium-ai.cybrium
Marketplace: marketplace.visualstudio.com/items?itemName=cybrium-ai.cybrium
Prerequisites
brew tap cybrium-ai/cli
brew install cyscan # Required — SAST/SCA/secrets
brew install cyweb # Optional — web vulnerability scanning
Features
Real-Time Scanning
Files are automatically scanned on save. Findings appear as inline diagnostics with severity-appropriate colors:
- Error (red) — Critical and High severity
- Warning (yellow) — Medium severity
- Info (blue) — Low severity
- Hint (gray) — Informational
Quick Fix
Click the lightbulb on any finding to see the available fixes. Applying a fix takes one click and patches the vulnerable code directly.
Explain Vulnerability
Right-click a finding → Cybrium: Explain Vulnerability to open a side panel with:
- What's wrong and why it matters
- CWE reference and OWASP mapping
- Remediation guidance
- Reachability status (is the vulnerable function actually called?)
Web Scanning
Cmd+Shift+P → "Cybrium: Web Scan" — enter a URL to scan for:
- SQL injection, XSS, SSRF, SSTI, XXE
- Missing security headers (CSP, HSTS, X-Frame-Options)
- Server misconfigurations
- Known CVE paths
- TLS/certificate issues
- 22 fuzz categories total
Requires cyweb (brew install cyweb).
Repository Health
Cmd+Shift+P → "Cybrium: Repository Health Check" — 14 security hygiene checks with a score:
- License, README, SECURITY.md, CODEOWNERS
- No .env committed, no hardcoded secrets
- Dependency lockfiles, Dependabot/Renovate
- Dockerfile non-root user
- No security TODOs
Framework Detection
Cmd+Shift+P → "Cybrium: Detect Frameworks" — identifies 35 frameworks: Django, Flask, FastAPI, React, Next.js, Express, Vue, Angular, Spring Boot, Rails, Laravel, and more.
AI Fix
Cmd+Shift+P → "Cybrium: AI Fix" — sends your code to the Cybrium platform, where Claude AI generates a complete fix. The fix opens in a side-by-side diff for review. Requires an API key (the cybrium.apiKey setting).
Commands
| Command | Shortcut | Description |
|---|---|---|
| Scan Current File | (auto on save) | Scan active file |
| Scan Workspace | — | Scan entire workspace |
| Web Scan | — | Enter URL, run cyweb |
| Repository Health | — | 14-point health score |
| Detect Frameworks | — | Show detected frameworks |
| Fix All | — | Apply all cyscan fixes |
| AI Fix | — | Claude generates fixes |
| Explain | — | Side panel with CWE details |
| Open Dashboard | — | Open app.cybrium.ai |
Settings
| Setting | Default | Description |
|---|---|---|
| cybrium.autoScan | true | Scan on save |
| cybrium.cyscanPath | (auto) | Path to cyscan binary |
| cybrium.severityFilter | info | Minimum severity |
| cybrium.apiUrl | https://app.cybrium.ai | Platform URL |
| cybrium.apiKey | (empty) | API key for AI Fix |
Status Bar
The bottom-left status bar shows:
- "Cybrium: clean" — no findings
- "Cybrium: 5 findings" — click to scan current file
- Spinning — scan in progress