Skip to content

VS Code

A dedicated AlertaVuln extension for Visual Studio Code is on the roadmap. It is not yet available, and there is nothing to install today - this page will be updated when it ships.

You don’t need an extension to use AlertaVuln from inside VS Code:

  • The CLI in the integrated terminal - av sast scan --path . runs the full local code scan from VS Code’s terminal, exactly as it does anywhere else. See av sast scan.
  • The MCP server with AI assistants - any MCP-capable assistant in your editor can connect to the AlertaVuln MCP server and query your projects, alerts, and SAST findings directly.
  • MCP server - connect editor agents to AlertaVuln
  • CI/CD - gate pipelines with the CLI