Caspian-Explorer edited this page Mar 11, 2026 · 6 revisions

Caspian Security

Context-aware security analysis for Visual Studio Code


Caspian Security detects vulnerabilities, insecure coding patterns, and security best practice violations as you write code. It provides 164 security rules across 14 categories, covering SQL injection, XSS, hardcoded secrets, business logic flaws, and more.

What sets it apart: context-aware intelligence. The scanner classifies issues with confidence scores, AI fixes understand full function scope, teams share ignore decisions via .caspianignore, and results export to SARIF v2.1.0 for GitHub Security Alerts.

At a Glance

| Rules | 164 (74 code-detectable + 59 informational) |
| Categories | 14 security categories |
| Languages | JavaScript, TypeScript, Python, Java, C#, PHP, Go, Rust |
| AI Providers | Anthropic Claude, OpenAI GPT-4, Google Gemini |
| Export Formats | JSON, CSV, SARIF v2.1.0 |

Documentation

| Page | Description |
| Getting Started | Installation, first scan, scan modes |
| Configuration | Settings, AI providers, category toggles |
| AI Fixes | Smart context AI fix generation |
| Confidence Scoring | Critical / Safe / Verify Needed classification |
| Caspianignore | .caspianignore file format and team workflow |
| SARIF Export | SARIF v2.1.0 export and GitHub Security integration |
| Rule Reference | Complete list of all 164 rules |
| FAQ | Troubleshooting and common questions |

Key Capabilities

  • Context-aware analysis -- classifies issues by variable source with confidence badges
  • AI fixes with function-level understanding -- sends the entire enclosing function to the AI
  • 164 security rules across 14 categories with actionable fix suggestions
  • Real-time analysis -- checks code as you type with a 1-second debounce
  • Full workspace scanning -- scans all project files, not just open tabs
  • 8 languages supported -- JS, TS, Python, Java, C#, PHP, Go, Rust
  • Team-shareable .caspianignore -- version-controlled ignore decisions
  • SARIF v2.1.0 export -- upload to GitHub Security Alerts
  • Per-category toggles -- enable or disable each category independently
  • 3 AI providers -- Claude, GPT-4, Gemini
  • Cancellable scans -- workspace scans show progress and can be stopped
  • Configurable severity -- filter by error, warning, or info threshold

Links
