ABS Core
SDK

VS Code Extension

ABS Kernel — IDE governance for Cursor, Copilot, Windsurf, and VS Code

VS Code / Cursor Extension

The ABS Kernel Extension (oconnector.abs-vscode) brings AI governance directly into your editor. It operates in two modes — fully offline via local WASM, or connected to the ABS Cloud API for enterprise policy enforcement.

Install: Search ABS Kernel in the VS Code Marketplace, or:

code --install-extension oconnector.abs-vscode

What It Does

Smart Target Detection

The extension automatically identifies high-value files that warrant closer scrutiny:

  • IDE config (.vscode/, .cursorrules, .windsurfrules)
  • AI/LLM rules (prompts/, instructions/, copilot*)
  • Infrastructure (Dockerfile, wrangler.toml, .github/)
  • Secrets (.env*, .npmrc, package.json, requirements.txt)

Dependency Scanner

Scans package.json and requirements.txt for known vulnerable packages with pinned versions, reporting severity (LOW / MEDIUM / HIGH / CRITICAL) and minimum safe version.

Workspace Scan (ABS: Scan Workspace)

Recursively walks your project, flags smart targets, runs dependency analysis, and reports all findings in a dedicated Output Channel — entirely offline, no network required.

File Scan (ABS: Scan Current File)

Instant governance scan of the active editor file against local WASM policies.

Governance Sidebar

Click the Shield icon in the Activity Bar to open the ABS panel:

  • Configure your API URL and PAT token
  • Test connectivity to your ABS Cloud instance
  • Toggle Enterprise Mode for MCP + cloud policy enforcement
  • Trigger quick workspace scans from the sidebar

Modes

ModeRequiresWhat runs
Offline / LocalNothingWASM kernel, local policies only
EnterpriseAPI Key + CloudRemote policy evaluation via POST /v1/authorize, full audit trail

Enterprise Mode activates when abs.enterpriseMode: true is set and a valid API key is configured. If Enterprise Mode is enabled but no key is present, the extension falls back to local mode with a warning.

Configuration

In .vscode/settings.json:

{
  "abs.apiUrl": "https://api.abscore.app",
  "abs.apiKey": "abs_pat_...",
  "abs.scanOnSave": false,
  "abs.enterpriseMode": false
}
SettingDefaultDescription
abs.apiUrlhttps://api.abscore.appABS Cloud API endpoint
abs.apiKey""PAT token — generate at abscore.app/dashboard → Config → Tokens
abs.scanOnSavefalseAuto-scan every file on save
abs.enterpriseModefalseEnable MCP + remote policy enforcement

Usage

ActionHow
Scan current fileCommand Palette → ABS: Scan Current File
Scan entire workspaceCommand Palette → ABS: Scan Workspace
Open governance panelClick the Shield icon in the Activity Bar
Test cloud connectionSidebar → "Test Connection" button

Compatibility

Works with VS Code, Cursor, Windsurf, and GitHub Copilot environments. The WASM kernel runs natively in the extension host process — no Docker, no daemon, no network required for local mode.

Scanner CLI

CI/CD Integration & Local Scanning

API Reference

REST API for ABS Core. All endpoints, authentication, rate limits, and error codes.

On this page

VS Code / Cursor ExtensionWhat It DoesSmart Target DetectionDependency ScannerWorkspace Scan (ABS: Scan Workspace)File Scan (ABS: Scan Current File)Governance SidebarModesConfigurationUsageCompatibility