VS Code extension that checks your code for GDPR and CCPA compliance issues in real-time.
-
Local PII Scanner — Instant regex-based detection on every save (no API needed)
- Hardcoded PII (emails, SSNs, credit cards, phone numbers, IPs)
- PII in log statements
- Hardcoded secrets and credentials
- Insecure storage (localStorage, cookies)
- Weak cryptography (MD5, SHA-1)
- Third-party tracking/analytics without consent
- Non-HTTPS URLs
-
Deep Analysis (Claude API) — Contextual, AI-powered compliance analysis
- Consent flow completeness
- Data lifecycle analysis (collection, storage, deletion)
- Missing data subject rights endpoints
- Cross-border transfer detection
- Compliance scoring (0-100)
-
Sidebar Dashboard — Findings tree view + GDPR/CCPA checklist
-
All Languages — Works with any programming language
- Install the extension
- Open a project — local scanning starts automatically on save
- For deep analysis: run
ComplyKit: Set Claude API Keyfrom the command palette - Enable deep analysis in settings:
complykit.enableDeepAnalysis: true
| Command | Description |
|---|---|
ComplyKit: Scan Current File |
Run compliance scan on the active file |
ComplyKit: Scan Workspace |
Scan all supported files in the workspace |
ComplyKit: Set Claude API Key |
Store API key securely in OS keychain |
ComplyKit: Show Compliance Dashboard |
Open the sidebar dashboard |
ComplyKit: Clear All Diagnostics |
Remove all ComplyKit warnings |
| Setting | Default | Description |
|---|---|---|
complykit.enableOnSave |
true |
Auto-scan on file save |
complykit.enableDeepAnalysis |
false |
Use Claude API for deep analysis |
complykit.regulations |
["gdpr", "ccpa"] |
Which regulations to check |
complykit.severity |
"warning" |
Default severity level |
complykit.excludePatterns |
["**/node_modules/**", ...] |
Files to exclude |
npm install
npm run watch # Build + watch for changes
# Press F5 in VS Code to launch Extension Development Host