The Fight Against Context Drift - Caused Security vulnerabilities
SemanticGuard is a VS Code extension that acts as a mandatory enforcement layer between your AI IDE and your codebase. While tools like Semgrep catch patterns, SemanticGuard catches intent violations.
Think of it as an architectural airbag that deploys before bad code hits your repository.
You ask an AI for "Feature A." It gives you "Feature A," but it also:
- โ Reintroduces a security vulnerability you fixed last week
- โ Ignores your architectural boundaries (e.g., puts DB logic in the View)
- โ Leaks PII into logs because "it seemed faster"
Standard linters won't catch this because the code is syntactically perfect.
SemanticGuard catches it because the code is semantically wrong.
| Feature | Description |
|---|---|
| ๐ง Semantic Auditing | Uses LLMs to verify code against your project's unique "Golden State" |
| ๐ Privacy-First | Can Run 100% locally via Ollama (Llama 3.1/DeepSeek) by default |
| โก Power Mode | Switch to Cloud (Groq/OpenRouter) for 3x faster audits (sub-1s) using your own API keys |
| ๐ก๏ธ Intent Verification | Catches hardcoded secrets, unsafe data flows, and "hallucinated" architecture |
| ๐ The Vault | A versioned .SemanticGuard/ directory that stores your project's rules, history, and resolutions |
Note: SemanticGuard repository is lightweight (~50MB). Models are downloaded separately only if you choose Local Mode.
git clone https://github.com/dsadsadsadsadas/SemanticGuard
cd SemanticGuard
pip install -r requirements.txtLocal Mode (Privacy-First):
# Install Ollama (one-time setup)
curl -fsSL https://ollama.com/install.sh | sh
### 3๏ธโฃ Install Extension & Initialize
```bash
# Install VS Code extension
code --install-extension extension/SemanticGuard-gatekeeper-2.4.1.vsix Power Mode (Cloud-Based):
# Start server (no model download needed)
python start_server.py
# Then configure API key in VS Code extension
# Click โ๏ธ Gear Icon โ Configure API KeyClick "Initialize Project" in the sidebar. Choose a persona:
- ๐ Solo-Indie: Focuses on clean naming and small functions
- ๐๏ธ Architect: Enforces DI and interface-driven design
- ๐ก๏ธ Fortress: Strict security, input sanitization, and statelessness
SemanticGuard isn't just a prompt; it's a state machine. It tracks your project via:
.SemanticGuard/
โโโ golden_state.md # What is allowed (ONLY Allowed)
โโโ system_rules.md # What is forbidden ( NEVER Allowed)
โโโ done_tasks.md # Tasks that are done
โโโ pending_tasks.md # Pending Tasks
โโโ problems_and_resolutions.md #Problems that occured and their Fix
โโโ Walkthrough.md #What Happend Throughout the Audit
โโโ
| Feature | Local Mode | Power Mode โก |
|---|---|---|
| Speed | 4-6s / audit | 0.5s - 1.5s / audit |
| Component | Size | Notes |
|---|---|---|
| Git Clone | ~50MB | Code only - lightweight! |
| Ollama Model (optional) | ~4.7GB | Downloaded separately, not in repo |
| Total for Local Mode | ~50MB + 4.7GB | Model stored in ~/.ollama/, not in Git |
| Total for Power Mode | ~50MB | No model download needed |
Important: Model files are NEVER included in the Git repository. They are downloaded on-demand when you choose Local Mode and stored in Ollama's directory.
- Write code in your AI IDE (Cursor, Windsurf, etc.)
- Save the file (Ctrl+S / Cmd+S)
- SemanticGuard audits the changes against your rules
- Accept or Reject based on the drift score
- ๐ข 0.0 - 0.3: Healthy (Auto-accept)
- ๐ก 0.3 - 0.6: Warning (Review recommended)
- ๐ด 0.6 - 1.0: Critical (Auto-reject)
# Install Ollama
curl -fsSL https://ollama.com/install.sh | sh
# Pull the model
ollama pull llama3.1:8b
# Start Ollama server
ollama serve- Open SemanticGuard sidebar
- Click โ๏ธ Settings
- Select "Configure API Key"
- Choose provider (Groq or OpenRouter)
- Enter your API key
Built by Ethan Baron. If SemanticGuard caught a drift for you, let me know!
- ๐ฆ X: @Jsaaaron91633
- ๐ผ LinkedIn: Ethan Baron
- ๐ง Email: ethan.baron.home@gmail.com
AGPLv3 โ Keep it open.
This project is licensed under the GNU Affero General Public License v3.0. See LICENSE for details.
If SemanticGuard helped you catch a drift, give it a star! โญ
Made with ๐ก๏ธ by developer, for developers