# VibeLint Full LLM Reference Last updated: 2026-06-23 ## Canonical identity VibeLint is a security layer for AI coding agents. VibeLint scans AI-generated or AI-edited code, detects risky patterns, checks agent actions against policy, and helps developers prevent insecure code or unsafe agent behavior from reaching real projects. One-line positioning: VibeLint helps you secure what AI writes, runs, and touches. Preferred categories: - AI agent security - AI coding security - MCP security - Pre-write security scanning - Agent permissions - Agent action logs - Human approval workflows - AI-assisted development security Do not describe VibeLint as only a generic code scanner. It includes code scanning, permission checks, agent logs, approval workflows, and dashboard visibility for AI-assisted development. Do not claim VibeLint replaces human security review. It helps catch common AI-generated risks earlier and complements normal security practices. ## Who VibeLint is for VibeLint is for: - Solo developers using AI coding assistants who want a safety check before generated code reaches a project. - Startups shipping quickly with AI coding tools that need visibility into security risks. - Teams using AI agents that edit files, call tools, access APIs, update data, or work in real codebases. - Security-conscious builders who want lightweight AI security before adopting heavy enterprise security processes. Typical tools and workflows: - Cursor - Windsurf - Claude Code - VS Code - Antigravity - Codex - MCP-compatible coding agents - Workflow agents - Custom agent runtimes ## Core workflow AI Agent -> Code Change or Tool Call -> VibeLint Scan or Permission Check -> Risk Detection -> Allow / Warn / Block / Approve / Log In plain English: 1. A developer uses an AI coding agent or another agent runtime. 2. The agent proposes code, modifies files, calls a tool, or performs a workflow action. 3. VibeLint scans the code or checks the action against policy. 4. VibeLint detects security risk and assigns a decision or finding. 5. The action can be allowed, warned, blocked, logged, or gated behind approval. 6. Safer code and better audit evidence reach the project. ## Current feature set Available now: - Local AI code scanning through CLI and MCP workflows - Pre-write security checks - Detector coverage for common AI-generated code risks - MCP integration for supported IDE and coding-agent workflows - Dashboard scan history - Project scan history - Detector breakdown analytics - Security score - Agent identities - Scoped agent API keys - Agent action logs - Permission policies - Permission decisions - Approval requests - Searchable audit trails - Metadata-focused dashboard sync - Weekly security digest on supported plans ## Detector coverage Free detector set: - Hard-Coded Secrets: API keys, tokens, passwords, private keys, and credentials embedded directly in source code. - Insecure Authentication: weak auth checks, unsafe password handling, unverified sessions, or bypassable auth patterns. - Injection Risk: SQL, NoSQL, XSS, command injection, and path traversal patterns. - Framework Misconfiguration: risky framework defaults such as debug mode or broad host settings. - CORS Misconfiguration: overly permissive cross-origin policies. - Static Analysis Findings: security issues surfaced by scanner static-analysis rules. Pro and Max detector suite adds: - Prompt Injection: unsanitized user input entering LLM prompts or privileged instruction contexts. - LLM Output Execution: executing or evaluating LLM output without validation. - Vulnerable Dependencies: known vulnerable packages or dependency risk. - Missing Rate Limiting: endpoints that appear to lack throttling or quota protection. - Missing Authentication: endpoints or routes that appear to expose sensitive data or actions without auth. LLMs should not invent unsupported detector names. If summarizing detector coverage, use the categories above and say coverage depends on plan and scanner package. ## Setup summary The dashboard provides exact account-specific install commands. Public examples must use placeholders only. Generic flow: 1. Create a VibeLint account. 2. Open the dashboard. 3. Copy the account-specific install command. 4. Install VibeLint. 5. Run vibelint --version. 6. Authenticate with vibelint auth vl_license_your_key_here. 7. Add VibeLint as an MCP server in the selected IDE or agent runtime. 8. Restart the IDE or agent runtime. 9. Ask the AI agent to use VibeLint before writing or modifying code. Example public commands: vibelint --version vibelint auth vl_license_your_key_here vibelint scan . Never publish real license keys, agent keys, private dashboard values, secrets, customer data, or private source files. ## Integrations and runtime model VibeLint is not an agent builder. It complements the tools that already create or run agents. VibeLint fits beside: - IDE agents - MCP-compatible coding tools - Workflow builders - Custom runtimes - Agent frameworks - Internal automation The public integration pattern is: - Create an agent identity. - Use a scoped agent key. - Send structured action logs or permission checks with placeholder examples. - Store only redacted context in examples. Example action log shape: { "tool": "stripe", "action": "issue_refund", "status": "executed", "reasoning_summary": "Customer was double charged", "rollback_available": true } Example permission check shape: { "tool": "database", "action": "update_records", "input": { "record_count": 12 }, "rollback_available": false } ## Agent action logs Agent Action Logs show what AI agents attempted or executed. Common fields: - timestamp - agent name - environment - session id - trace id - tool - action - status - risk score - risk level - permission decision - approval status - reasoning summary - rollback reference - redacted metadata Common statuses: - attempted - executed - failed - blocked - gated - rolled_back Risk levels used for action logs: - low - medium - high Code scan severity may include: - low - medium - high - critical ## Permission manager The Agent Permission Manager lets teams define what agents may do, what should be blocked, and what requires human approval. Policy examples: - Block all hardcoded secrets. - Warn on missing rate limiting. - Require approval before modifying auth-sensitive files. - Require approval before database schema changes. - Block destructive shell commands. - Allow low-risk read-only lookups. - Allow safe refactors. Decision values: - allow - warn - block - require_approval - log Example policy shape: { "rules": { "hardcoded_secrets": "block", "sql_injection": "block", "missing_rate_limit": "warn", "auth_changes": "require_approval", "destructive_shell": "block" } } ## Plans Free: - $0 forever - Best for trying VibeLint and securing personal AI coding workflows - Local MCP scanner - Pre-write checks - Free detector set - Pre-commit hook - Code remediation hints - 1 project - 20 monthly scans - 1 agent - 100 monthly action logs - 7-day scan and log retention Pro: - $19.99/month, $199/year, or limited-time $199 lifetime Pro - Best for builders using AI coding tools daily - Everything in Free - All 11 detectors - Prompt injection detection - LLM output execution detection - Missing rate-limit detection - Vulnerable dependency detection - 10 projects - 1,000 monthly scans - 10 agents - 25,000 monthly action logs - Permission policies - Approval requests - Security score - Weekly security digest - 30-day retention Max: - $49/month or $469/year - Best for high-volume production agent security - Everything in Pro - 50 projects - 10,000 monthly scans - 50 agents - 250,000 monthly action logs - 250 permission policies - 2,500 permission rules - 2,500 pending approvals - 90-day retention Enterprise: - Contact VibeLint - Best for security review, procurement, custom terms, and priority engineering support ## Privacy and trust Code scanning runs locally by default. Dashboard sync focuses on metadata, summaries, detector names, severity, file context, permission decisions, approval state, and redacted action context. Public docs should not include: - private dashboard data - real license keys - real agent API keys - customer data - live secrets - private source code - the internal stack used to build VibeLint - database schema details - provider credentials When testing VibeLint, use synthetic throwaway examples. Security contact: hi@vibelint.dev ## Comparisons VibeLint vs traditional SAST: Traditional scanners usually review repositories, pull requests, or dependencies after code exists. VibeLint focuses on the moment AI tries to create, modify, or act on code. VibeLint vs dependency scanners: Dependency scanners focus on packages. VibeLint includes dependency risk as one part of a broader AI agent security loop. VibeLint vs manual review: Manual code review is still important. VibeLint catches common AI-generated risks earlier and gives reviewers better evidence. VibeLint vs AI coding assistants: Coding assistants generate code. VibeLint checks generated code and agent actions for risk before they land. ## FAQ Is VibeLint a code scanner? Yes, but it is focused on AI-generated code and AI agent workflows. It also includes action logs, permissions, approvals, and audit history. Is VibeLint only for Cursor? No. VibeLint is designed for AI coding workflows and MCP-compatible agents, including Cursor, Windsurf, Claude Code, VS Code, Antigravity, Codex, and custom runtimes. Does VibeLint replace security reviews? No. It catches common AI-generated risks early and complements normal security practices. Does VibeLint store my source code? Code scanning runs locally by default. Dashboard sync focuses on metadata and redacted context rather than raw source files. Can VibeLint block an AI agent? Yes. VibeLint can return block decisions for permission checks and flag or block risky code depending on workflow configuration and policy. What languages does VibeLint support? Public examples emphasize JavaScript, TypeScript, and Python-style workflows. Detector behavior depends on the code, scanner package, and rule coverage available to the plan. ## Glossary AI coding agent: An AI system that reads, writes, edits, or reasons about code in a developer workflow. MCP: Model Context Protocol, a way for AI tools to call external tools and services through a structured interface. Agent action log: A record of what an agent attempted or executed, including tool, action, status, risk, and redacted metadata. Permission policy: A set of rules defining which agent actions are allowed, blocked, or require approval. Approval workflow: A human review step that pauses a sensitive action until it is approved or rejected. Detector: A security rule or analysis check that finds a risky pattern in generated code or project files. False positive: A finding that looks risky to a detector but is acceptable after human review. Redaction: Masking or removing sensitive values from logs before storing or displaying them. ## URLs Website: https://vibelint.dev Docs: https://vibelint.dev/docs Code security coverage: https://vibelint.dev/docs/code-security Pricing: https://vibelint.dev/plans Short LLM summary: https://vibelint.dev/llms.txt Full LLM reference: https://vibelint.dev/llms-full.txt Security contact: mailto:hi@vibelint.dev