# VSCode Plugin The Gomboc VS Code Plugin delivers real-time, context-aware fixes powered by Gomboc’s deterministic AI. It applies precise remediations with clear explanations, helping you secure new infrastructure and clean up legacy code without slowing down development. #### 0. Prerequisites Before you start, make sure you have: * **VS Code** version 1.63.0 or greater\ * **Docker** is installed and **running** (Docker Desktop or Docker Engine)\ > **Why Docker?** The VS Code extension runs the ORL remediation engine locally inside a Docker container when you scan. If Docker isn’t running, scans/fixes won’t start. #### 1. Generate a personal token * [Here's](/getting-started/generate-a-personal-access-token.md) how to create a Gomboc personal access token. #### 2. Set up the Gomboc VSCode plugin * Install the Gomboc Plugin via the marketplace or direct in the IDE: * VS Code Marketplace (click "Install") [gomboc-vscode-extension](https://marketplace.visualstudio.com/items?itemName=GombocAI.gomboc-vscode-extension)

* VSCode Extensions tab. Search for "Gomboc" and click "Install":

* When you install the extension, be sure to enable "Auto Update". * Once installed, open the product settings by doing one of the following: * click the gear icon and select "Settings":

* Open Settings > Extensions and search for "Gomboc."

* Paste your Personal Access Token into the Api Key field. Run `Gomboc: Test Api Key` from the command and enable "Scan on File Save".\\

#### 3. Run your first scan Choose your path before running your scan * **Option 1 (Recommended):** Checkout the [Gomboc Reviewer guide](/integrations/vscode-plugin/gomboc-reviewer-webview.md) * **Option 2 (Quick):** Problems panel → Apply Fix * Create a project with a **Terraform** file. * In your IDE, create a new folder called "gomboc-quickstart" and create a new file, `main.tf`

* Populate that file with the following content: ``` provider "aws" { region = "us-east-2" } data "aws_region" "current" {} resource "aws_dynamodb_table" "test_table_a" { } resource "aws_lambda_function" "myfunction" { } resource "aws_appsync_graphql_api" "test_api" { authentication_type = "API_KEY" } resource "aws_keyspaces_table" "mykeyspacestable" { } ``` * Alternatively, check out with the following command ``` git clone git@github.com:Gomboc-AI/rattleback.git ``` * Save the file, triggering Gomboc to scan it * Alternatively, click on the search bar and select "Show and Run Commands":

* Type "Gomboc" into the search and select "Gomboc: Scan current file or scenario":

#### **4. Apply the fixes** * Review the **Problems** panel → click **Apply Fix** (or **Apply All**). * Save, test, and commit your changes. {% hint style="info" %} Want a realistic repo and a guided workflow? Continue with [**Gomboc Demo Cases**](/getting-started-ce/gomboc-demo-cases.md). {% endhint %} *** If you have questions or feedback, reach out at -we’re here to help! --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.gomboc.ai/integrations/vscode-plugin.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.