chore: import upstream snapshot with attribution
CI / Shell Format Check (push) Has been cancelled
CI / Check Ruby (3.4) (push) Has been cancelled
CI / CI Config (push) Has been cancelled
CI / Test on Node ${{ matrix.node }} and ${{ matrix.os }}${{ matrix.shard && format(' (shard {0}/3)', matrix.shard) || '' }} (push) Has been cancelled
CI / Build on Node ${{ matrix.node }} (push) Has been cancelled
CI / Style Check (push) Has been cancelled
CI / Generate Assets (push) Has been cancelled
CI / Check Python (3.14) (push) Has been cancelled
CI / Check Python (3.9) (push) Has been cancelled
CI / Build Docs (push) Has been cancelled
CI / Code Scan Action (push) Has been cancelled
CI / Site tests (push) Has been cancelled
CI / webui tests (push) Has been cancelled
CI / Run Integration Tests (push) Has been cancelled
CI / Run Smoke Tests (push) Has been cancelled
CI / Go Tests (push) Has been cancelled
CI / Share Test (push) Has been cancelled
CI / Redteam (Production API) (push) Has been cancelled
CI / Redteam (Staging API) (push) Has been cancelled
CI / GitHub Actions Lint (push) Has been cancelled
CI / Check Ruby (3.0) (push) Has been cancelled
release-please / release-please (push) Has been cancelled
release-please / build (push) Has been cancelled
release-please / publish-npm (push) Has been cancelled
release-please / publish-npm-backfill (push) Has been cancelled
release-please / docker (push) Has been cancelled
release-please / publish-code-scan-action (push) Has been cancelled
release-please / attest-code-scan-action (push) Has been cancelled
Deploy local.promptfoo.app / Deploy to Cloudflare Pages (push) Has been cancelled
Test and Publish Multi-arch Docker Image / test (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-amd64 platform:linux/amd64 runner:ubuntu-latest]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-arm64 platform:linux/arm64 runner:ubuntu-24.04-arm]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / merge-docker-digests (push) Has been cancelled
Test and Publish Multi-arch Docker Image / Attest Multi-arch Image (push) Has been cancelled
Validate Renovate Config / Validate Renovate Configuration (push) Has been cancelled

This commit is contained in:
wehub-resource-sync
2026-07-13 13:24:08 +08:00
commit 0d3cb498a3
5438 changed files with 1316560 additions and 0 deletions
+245
View File
@@ -0,0 +1,245 @@
---
title: CLI Command
sidebar_label: CLI Command
sidebar_position: 3
description: Scan code changes for LLM security vulnerabilities using the promptfoo code-scans command.
---
# CLI Command
The `promptfoo code-scans` command scans code changes for LLM-related security vulnerabilities, helping you identify prompt injection risks, jailbreaks, PII exposure, and other security issues before they reach production.
## Quick Start
Install promptfoo globally:
```bash
npm install -g promptfoo
```
Authenticate with your promptfoo account:
```bash
promptfoo auth login
```
Run a scan on your current branch:
```bash
promptfoo code-scans run
```
## Running Time
Depending on the size of your PR and codebase, the scan can take anywhere from a minute or two to 20 minutes or more. That said, most PRs take between 3 and 10 minutes.
## Command Options
### Basic Usage
```bash
promptfoo code-scans run [repo-path] [options]
```
### Options
| Option | Description | Default |
| --------------------------------- | --------------------------------------------------------------------------------------------------- | ---------------------------------------------------- |
| `repo-path` | Path to repository | Current directory (`.`) |
| `--api-key <key>` | Promptfoo API key | From `promptfoo auth` or `PROMPTFOO_API_KEY` env var |
| `--base <ref>` | Base branch/commit to compare against | Auto-detects either main or master |
| `--compare <ref>` | Branch/commit to scan | `HEAD` |
| `--config <path>` | Path to config file | `.promptfoo-code-scan.yaml` |
| `--guidance <text>` | Custom guidance to tailor the scan | None |
| `--guidance-file <path>` | Load guidance from a file | None |
| `--api-host <url>` | Promptfoo API host URL | `https://api.promptfoo.app` |
| `--diffs-only` | Scan only PR diffs, don't explore full repo | false |
| `--json` | Output results as JSON ([see schema](#json-output-schema)) | false |
| `-f, --format <format>` | Output format (`text`, `json`, or `sarif`) | `text` |
| `--github-pr <owner/repo#number>` | Post comments to GitHub PR (used with [Promptfoo GitHub Action](/docs/code-scanning/github-action)) | None |
### Examples
**Scan diffs for current branch, comparing against main (or master):**
```bash
promptfoo code-scans run
```
**Scan diffs for specific branch against main:**
```bash
promptfoo code-scans run --compare feature/new-llm-integration
```
**Scan diffs between two commits:**
```bash
promptfoo code-scans run --base ffa1b2d3 --compare a9c7e5b6
```
**Scan with custom config:**
```bash
promptfoo code-scans run --config custom-scan-config.yaml
```
**Get JSON output:**
```bash
promptfoo code-scans run --json
```
See [JSON Output Schema](#json-output-schema) for the response format.
**Get SARIF output for security tooling:**
```bash
promptfoo code-scans run --format sarif > promptfoo-code-scan.sarif
```
SARIF output includes location-backed findings that GitHub Code Scanning can display.
## Configuration File
Create a `.promptfoo-code-scan.yaml` file in your repository root:
```yaml
# Minimum severity level to report (low|medium|high|critical)
# Both minSeverity and minimumSeverity are supported
minSeverity: medium
# Scan only PR diffs without filesystem exploration (default: false = explore full repo)
diffsOnly: false
# Optional: Custom guidance to tailor the scan to your needs
guidance: |
Focus on authentication and authorization vulnerabilities.
Treat any PII exposure as high severity.
# Or load guidance from a file (path relative to config file)
# guidanceFile: ./scan-guidance.md
# Optional: Promptfoo API host URL
# apiHost: https://api.promptfoo.dev
```
## Custom Guidance
You can provide custom guidance to tailor scans to your specific needs. See the [overview](./index.md#custom-guidance) for what guidance can do.
**Via command line:**
```bash
# Inline guidance
promptfoo code-scans run --guidance "Focus on authentication vulnerabilities in the /src/auth directory"
# Load from file
promptfoo code-scans run --guidance-file ./scan-guidance.md
```
**Via config file:**
```yaml
# Inline guidance
guidance: |
Focus on authentication and authorization vulnerabilities.
Treat any PII exposure as high severity.
# Or load from file
guidanceFile: ./scan-guidance.md
```
## Authentication
The code scanner supports multiple authentication methods (checked in order):
1. **CLI argument**: `--api-key <key>`
2. **Environment variable**: `PROMPTFOO_API_KEY=<key>`
3. **Promptfoo auth**: `promptfoo auth login`
4. **GitHub OIDC** (when used in the [Promptfoo GitHub Action](/docs/code-scanning/github-action)): Automatic
### Using promptfoo auth
```bash
# Login once
promptfoo auth login
# Then run scans without --api-key
promptfoo code-scans run
```
### Using environment variable
```bash
export PROMPTFOO_API_KEY=your-api-key
promptfoo code-scans run
```
### Using --api-key argument
```bash
promptfoo code-scans run --api-key your-api-key
```
## JSON Output Schema
When using `--json`, the scan outputs a JSON object to stdout with the following structure:
### Response Object
| Field | Type | Description |
| ---------------- | ----------- | ----------------------------------------------------------------------------------------------------------------- |
| `success` | `boolean` | Whether the scan completed successfully |
| `review` | `string` | Overall review summary of the scan |
| `comments` | `Comment[]` | Array of findings (see below) |
| `commentsPosted` | `boolean` | Whether comments were posted to a PR |
| `skipReason` | `string` | Set when the scan was intentionally skipped (e.g. fork PR awaiting maintainer approval); `comments` will be empty |
| `error` | `string` | Error message if the scan failed |
### Comment Object
| Field | Type | Description |
| --------------- | -------- | ---------------------------------------------- |
| `file` | `string` | File path where the issue was found, or null |
| `line` | `number` | Line number of the finding, or null |
| `startLine` | `number` | Start line for multi-line findings, or null |
| `finding` | `string` | Description of the security issue |
| `fix` | `string` | Suggested fix for the issue |
| `severity` | `string` | `critical`, `high`, `medium`, `low`, or `none` |
| `aiAgentPrompt` | `string` | Prompt for AI coding agents to fix the issue |
### Example
```json
{
"success": true,
"review": "The PR introduces an LLM-powered support chat feature. The main security concerns are around prompt injection via user messages and insufficient output validation.",
"comments": [
{
"file": "src/chat/handler.ts",
"line": 42,
"startLine": 40,
"finding": "User input is passed directly to the LLM prompt without sanitization, allowing prompt injection attacks.",
"fix": "Sanitize user input and use a system prompt that instructs the model to ignore injected instructions.",
"severity": "critical",
"aiAgentPrompt": "In src/chat/handler.ts around line 42, add input sanitization before passing user messages to the LLM. Use a system prompt with injection-resistant instructions."
},
{
"file": "src/chat/handler.ts",
"line": 87,
"startLine": null,
"finding": "LLM responses are rendered as raw HTML without escaping, which could allow cross-site scripting if the model is manipulated.",
"fix": "Escape or sanitize LLM output before rendering it in the UI.",
"severity": "high",
"aiAgentPrompt": "In src/chat/handler.ts at line 87, escape the LLM response output before inserting it into the DOM to prevent XSS."
}
]
}
```
## See Also
- [Code Scanning Overview](./index.md)
- [GitHub Action](./github-action.md)
- [VS Code Extension](./vscode-extension.md)
+221
View File
@@ -0,0 +1,221 @@
---
title: GitHub Action
sidebar_label: GitHub Action
sidebar_position: 2
description: Automatically scan pull requests for LLM security vulnerabilities with the promptfoo Code Scan GitHub Action. Find prompt injection, PII exposure, and jailbreak risks in CI/CD.
---
# GitHub Action
Automatically scan pull requests for LLM security vulnerabilities with promptfoo's [code scanning GitHub action.](/code-scanning/github-action/)
The scanner analyzes code changes for prompt injection, PII exposure, excessive agency, and other LLM-specific risks. After scanning, findings are posted with severity levels and suggested fixes as PR review comments.
<img src="/img/docs/code-scanning/github.png" alt="Code Scan Action results on PR" style={{borderRadius: '8px', border: '1px solid rgba(0,0,0,0.1)', boxShadow: '0 2px 8px rgba(0,0,0,0.08)'}} />
<br/>
<br/>
## Quick Start
The easiest way to get started is by installing the Promptfoo Scanner GitHub App:
1. **Install the GitHub App**: Go to [github.com/apps/promptfoo-scanner](https://github.com/apps/promptfoo-scanner) and install the app
2. **Select repositories**: Choose which repositories to enable scanning for
3. **Submit your email or sign in**: You'll be redirected to promptfoo.dev to either submit your email or sign in to your account (an account is not required—just a valid email address)
4. **Review the setup PR**: A pull request will be automatically opened in each repository you selected in step 2—it adds the Code Scan Action workflow to `.github/workflows/promptfoo-code-scan.yml`
5. **Merge the PR**: you can tweak the workflow configuration if desired, and merge when ready.
Once merged, the scanner will automatically run on future pull requests, posting review comments for any security issues found.
:::info
When using the GitHub App:
- Authentication is handled automatically with GitHub OIDC. No API key, token, or other configuration is needed.
- No Promptfoo Cloud account is needed—just a valid email address.
:::
## Configuration
### Action Inputs
Most CLI options from [`promptfoo code-scans run`](/docs/code-scanning/cli) can be used as action inputs:
| Input | Description | Default |
| ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- |
| `api-host` | Promptfoo API host URL | `https://api.promptfoo.app` |
| `min-severity` | Minimum severity to report (`low`, `medium`, `high`, `critical`) | `medium` |
| `minimum-severity` | Alias for `min-severity`. Takes effect only when `min-severity` is unset; if both are set, `min-severity` wins and a warning is emitted. | None |
| `config-path` | Path to `.promptfoo-code-scan.yaml` config file | Auto-detected |
| `guidance` | Custom guidance to tailor the scan (see [CLI docs][1]) | None |
| `guidance-file` | Path to file containing custom guidance (see [CLI docs][1]) | None |
| `enable-fork-prs` | Enable scanning PRs from forked repositories | `false` |
| `promptfoo-version` | Exact `promptfoo` CLI version to install for scanning (e.g. `0.121.0`). Ranges and dist-tags are rejected. | Version pinned at release |
| `sarif-output-path` | Optional path to write SARIF output for GitHub Code Scanning | None |
[1]: [More on custom guidance](/docs/code-scanning/cli#custom-guidance)
### Triggering Additional Scans
If you made changes to your PR and want to run another scan, you can trigger a new scan by commenting on the PR with `@promptfoo-scanner`.
### Fork Pull Requests
By default, code scanning is disabled for fork PRs. This is because any GitHub user can open a fork PR on public repositories.
To trigger a scan on a fork PR, a maintainer with `write` permissions on the repository can comment on the PR with `@promptfoo-scanner`.
To enable scanning of fork PRs by default, add `enable-fork-prs: true` to your workflow file (`.github/workflows/promptfoo-code-scan.yml` in the main branch):
```yaml
- name: Run Promptfoo Code Scan
uses: promptfoo/code-scan-action@v0
with:
enable-fork-prs: true
```
### Examples
**Scan with custom severity threshold:**
```yaml
- name: Run Promptfoo Code Scan
uses: promptfoo/code-scan-action@v0
with:
min-severity: medium # Report medium, high and critical issues (also the default when omitted)
```
**Use custom guidance:**
```yaml
- name: Run Promptfoo Code Scan
uses: promptfoo/code-scan-action@v0
with:
guidance: |
Focus on the document ingestion flow.
Treat any potential PII exposure as critical severity.
```
**Load custom guidance from a file:**
```yaml
- name: Run Promptfoo Code Scan
uses: promptfoo/code-scan-action@v0
with:
guidance-file: ./promptfoo-scan-guidance.md
```
**Use config file:**
```yaml
- name: Run Promptfoo Code Scan
uses: promptfoo/code-scan-action@v0
with:
config-path: .promptfoo-code-scan.yaml
```
**Write SARIF output for GitHub Code Scanning:**
The action sets `sarif-path` only when a scan actually completes, so keep the upload step conditional. Intentionally skipped scans do not publish a clean Code Scanning result.
```yaml
- name: Run Promptfoo Code Scan
id: promptfoo-code-scan
uses: promptfoo/code-scan-action@v0
with:
sarif-output-path: promptfoo-code-scan.sarif
- name: Upload SARIF to GitHub Code Scanning
if: ${{ steps.promptfoo-code-scan.outputs.sarif-path != '' }}
uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
with:
sarif_file: ${{ steps.promptfoo-code-scan.outputs.sarif-path }}
category: promptfoo-code-scan
```
### Configuration File
Create a `.promptfoo-code-scan.yaml` in your repository root. See the [CLI documentation](/docs/code-scanning/cli#configuration-file) for all available options.
```yaml
# Minimum severity level to report
minSeverity: medium
# Scan only PR diffs without filesystem exploration (default: false)
diffsOnly: false
# Custom guidance to tailor the scan
guidance: |
Focus on authentication and authorization vulnerabilities.
Treat any PII exposure as high severity.
```
## Manual Installation
You can also install the action manually without the GitHub App. When using manual installation:
- Some features may not be available through the manual action installation, so the GitHub App is the recommended way to use the action
- PR comments appear to come from the generic `github-actions[bot]` instead of the official Promptfoo Scanner bot with the Promptfoo logo
- A Promptfoo Cloud account is required (rather than just a valid email address when using the GitHub App). You can [sign up or sign in here.](https://www.promptfoo.app/login)
- You'll need a [Promptfoo API token](https://www.promptfoo.app/api-tokens) for authentication
### Workflow Configuration
Add this workflow to your repository at `.github/workflows/promptfoo-code-scan.yml`:
```yaml
name: Promptfoo Code Scan
on:
pull_request:
types: [opened]
jobs:
security-scan:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
fetch-depth: 0
- name: Run Promptfoo Code Scan
id: promptfoo-code-scan
uses: promptfoo/code-scan-action@v0
env:
PROMPTFOO_API_KEY: ${{ secrets.PROMPTFOO_API_KEY }}
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
min-severity: medium # or any other severity threshold: low, medium, high, critical
sarif-output-path: promptfoo-code-scan.sarif
# ... other configuration options...
- name: Upload SARIF to GitHub Code Scanning
if: ${{ steps.promptfoo-code-scan.outputs.sarif-path != '' }}
uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
with:
sarif_file: ${{ steps.promptfoo-code-scan.outputs.sarif-path }}
category: promptfoo-code-scan
```
The example pins the third-party actions to full commit SHAs with version comments. Tags such as `v0` are convenient but mutable; a commit SHA is the only immutable reference. For maximum assurance, pin `promptfoo/code-scan-action` the same way — resolve a release tag to its commit with `gh api repos/promptfoo/code-scan-action/commits/<tag> --jq .sha` and use `uses: promptfoo/code-scan-action@<full-commit-sha> # <tag>`.
## Supply Chain Security
The hardening below applies to code-scan-action releases after v0.1.8; earlier releases resolve `promptfoo@latest` at runtime and predate the provenance attestation.
- The action installs an exact, release-pinned version of the `promptfoo` CLI with npm lifecycle scripts disabled (`--ignore-scripts`); it does not resolve `promptfoo@latest` at runtime. Use the `promptfoo-version` input to override the pin with another exact version.
- The `dist/` bundle and `action.yml` committed to [promptfoo/code-scan-action](https://github.com/promptfoo/code-scan-action) are built and exported by the promptfoo monorepo release workflow, which publishes a signed build-provenance attestation for the exact artifact bytes. Verify a checkout with `gh attestation verify dist/index.js --repo promptfoo/promptfoo` (and likewise for `action.yml`).
- The scanner install strips npm config and `NODE_OPTIONS` from its environment and isolates its npm config files, but a step that runs pull-request-controlled code earlier in the same job (such as `npm ci` or a build) can persist state — `$GITHUB_PATH`, `$GITHUB_ENV`, or `$HOME` writes — that later steps inherit, and it already runs with the job's token. Keep the scan in a job that only checks out and scans the PR; run untrusted build steps in a separate job.
## See Also
- [Code Scanning Overview](./index.md)
- [VS Code Extension](./vscode-extension.md)
- [CLI Command](./cli.md)
- [Promptfoo Scanner GitHub App](https://github.com/apps/promptfoo-scanner)
- [Promptfoo Code Scan Action on GitHub](https://github.com/promptfoo/code-scan-action)
+87
View File
@@ -0,0 +1,87 @@
---
title: Code Scanning - LLM Security Vulnerability Scanner
description: Scan code changes for LLM security vulnerabilities using AI-powered analysis. Find prompt injection, PII exposure, and other security risks in pull requests.
keywords:
[
code security,
LLM security,
AI security,
AI security scanning,
security scanning,
code scanning,
prompt injection detection,
PII detection,
pull request review,
PR review,
security automation,
GitHub Action security,
vulnerability scanner,
]
sidebar_label: Overview
sidebar_position: 1
---
# Code Scanning
Promptfoo Code Scanning uses AI agents to find LLM-related vulnerabilities in your codebase and helps you fix them before you merge. By focusing specifically on LLM-related vulnerabilities, it finds issues that more general security scanners might miss.
## How It Works
The scanner examines code changes for common LLM security risks including prompt injection, PII exposure, and excessive agency. Rather than just analyzing the surface-level diff, it traces data flows deep into your codebase to understand how user inputs reach LLM prompts, how outputs are used, and what capabilities your LLM has access to.
This agentic approach catches subtle security issues that span multiple files, while maintaining a high signal-to-noise ratio to avoid alert fatigue.
## Getting Started
### GitHub Action
Automatically scan pull requests with findings posted as review comments, and optionally publish alerts to GitHub Code Scanning and the repository Security tab. This is the recommended way to use the scanner if your code is on GitHub. [Set up the GitHub Action →](./github-action.md)
### VS Code Extension (Enterprise)
Scan code directly in your editor with real-time feedback, inline diagnostics, and quick fixes. Available for enterprise customers. [Learn more →](./vscode-extension.md)
### CLI Command
Run scans locally or in any CI environment. [Use the CLI →](./cli.md)
## Severity Levels
Findings are classified by severity to help you prioritize:
- **Critical** 🔴: Immediate security risk
- **High** 🟠: Significant issue
- **Medium** 🟡: Moderate risk
- **Low** 🔵: Minor issue
Configure minimum severity thresholds in your scan settings.
## Custom Guidance
Tailor scans to your needs by providing custom guidance:
- Focus on specific vulnerability types or code areas
- Adjust severity levels based on your context
- Suggest fixes using your preferred libraries
- Skip known false positives
**Example:**
```yaml
guidance: |
Ignore the /examples directory—it contains demo code only.
Treat potential PII exposure as critical.
For this app, sending proprietary code to OpenAI or Claude is not a vulnerability.
Use Zod schemas for validation when suggesting fixes.
```
## Cloud and Enterprise
Scans run on Promptfoo Cloud by default. For organizations that need to run scans on their own infrastructure, code scanning is available in [Promptfoo Enterprise On-Prem.](../enterprise)
## See Also
- [GitHub Action](./github-action.md)
- [VS Code Extension](./vscode-extension.md)
- [CLI Command](./cli.md)
- [Promptfoo Scanner GitHub App](https://github.com/apps/promptfoo-scanner)
+131
View File
@@ -0,0 +1,131 @@
---
title: VS Code Extension
sidebar_label: VS Code Extension
sidebar_position: 4
description: Detect LLM security vulnerabilities in VS Code with real-time scanning. Find prompt injection, jailbreak risks, and PII exposure as you code.
keywords:
[
vscode extension,
VS Code security scanner,
LLM security,
prompt injection detection,
code scanning IDE,
real-time security scanning,
enterprise,
]
---
# VS Code Extension
The Promptfoo Security Scanner for VS Code detects LLM security vulnerabilities directly in your editor. It finds prompt injection risks, jailbreak vulnerabilities, PII exposure, and other security issues as you code—before they reach your CI pipeline or production.
![VS Code extension showing inline security diagnostics](/img/docs/code-scanning/vscode-extension.png)
:::info Enterprise Feature
The VS Code extension is available for Promptfoo Enterprise customers. [Contact us](/contact) to get access for your organization.
:::
## Features
- **Real-time scanning**: Automatically scans files on save
- **Inline diagnostics**: Security issues appear as squiggly underlines in your code
- **Problems panel**: All findings listed in VS Code's Problems panel
- **CodeLens annotations**: Inline severity indicators above vulnerable code
- **Quick fixes**: Apply suggested fixes with one click
- **AI assistance**: Get AI-generated prompts to help fix complex issues
- **Git diff scanning**: Scan all changed files in your branch
## Getting Started
1. [Contact us](/contact) to get the extension package (`.vsix` file)
2. Install in VS Code: Extensions → ⋯ → Install from VSIX
3. Configure your API key: Cmd+Shift+P → **Promptfoo: Configure API Key**
## Usage
**Automatic scanning**: Files are scanned when you save. Findings appear as inline diagnostics in your code and in the Problems panel.
**Manual scanning**: Use the Command Palette (Cmd+Shift+P):
- **Promptfoo: Scan Current File** — Scan the active file
- **Promptfoo: Scan Selection** — Scan selected code
- **Promptfoo: Scan Git Changes** — Scan all changed files in your branch
- **Promptfoo: Clear All Scan Results** — Clear all diagnostics
- **Promptfoo: Show Output** — Show the extension's output channel
### Keyboard Shortcuts
| Shortcut | Command |
| ----------------------------------- | ----------------- |
| Ctrl+Shift+P F (Mac: Cmd+Shift+P F) | Scan current file |
### Context Menu
Right-click in the editor to access:
- **Scan Current File** — Scan the entire file
- **Scan Selection** — Scan only the selected code (when text is selected)
## Configuration
Configure the extension in VS Code Settings or in your `settings.json`:
| Setting | Description | Default |
| -------------------------------- | -------------------------------- | --------------------------- |
| `promptfoo.apiHost` | Promptfoo API host URL | `https://api.promptfoo.app` |
| `promptfoo.minimumSeverity` | Minimum severity to display | `low` |
| `promptfoo.scanOnSave` | Auto-scan files on save | `true` |
| `promptfoo.scanOnSaveDebounceMs` | Debounce delay for auto-scan | `1500` |
| `promptfoo.diffsOnly` | Only analyze code diffs | `true` |
| `promptfoo.showCodeLens` | Show inline CodeLens annotations | `true` |
| `promptfoo.enabledLanguages` | Languages to scan | See below |
### Example settings.json
```json
{
"promptfoo.minimumSeverity": "medium",
"promptfoo.scanOnSave": true,
"promptfoo.scanOnSaveDebounceMs": 2000,
"promptfoo.showCodeLens": true
}
```
### Supported Languages
By default, the extension scans:
- JavaScript / TypeScript (including JSX/TSX)
- Python
- Go
- Java
- Rust
- Ruby
- PHP
- C#
- C/C++
Customize with the `promptfoo.enabledLanguages` setting. An empty array enables scanning for all languages.
## Severity Levels
Findings are classified by severity:
| Level | Icon | Description |
| -------- | ---- | ---------------------------- |
| Critical | 🔴 | Immediate security risk |
| High | 🟠 | Significant vulnerability |
| Medium | 🟡 | Moderate concern |
| Low | 🔵 | Minor issue or best practice |
Use the `promptfoo.minimumSeverity` setting to filter out lower-severity findings.
## Privacy
Code is sent to Promptfoo's servers for analysis and is not stored after analysis completes. For organizations that need to run scans on their own infrastructure, the extension works with [Promptfoo Enterprise On-Prem](/docs/enterprise/).
## See Also
- [Code Scanning Overview](./index.md)
- [GitHub Action](./github-action.md)
- [CLI Command](./cli.md)