sandbox · example data only · not your workspace

Developer Tools Demo

Connect VS Code → link local repo → ask the DevOps Agent.

How an engineer uses the platform without leaving their IDE.

Steps

Est. time

~5 min

Audience

client

Reviewed

2026-05-23

engineer · DevOps Engineerengineer · Security Engineerconnector · VS Code

read first

OAuth Setup— GitHub / GitLab / Google OAuth providers.

Scanning Model

data flow

scenario architecture


   VS Code extension ──API key──▶  workspace
                                        │
                              link local repo to tracked repo
                                        │
                              chat: DevOps Engineer cites log lines

step 1/4·No approval needed

Install VS Code extension

Authenticates via the same API key.

visionxixlabs.com

connectors · VS Code primary

VS Codelive

· auth · API key (same as desktop) · workspace-scoped

· region · —

· 1 repo open

· last sync · 12s ago

invariantNo long-lived access keys stored. AWS assumes a role you create with an externalId we generate; Azure uses a service principal you control. You can revoke from the provider console without telling us.

Assume-role over keys

Cloud connectors never store long-lived access keys. AWS uses a cross-account IAM role you create + an externalId we generate; Azure uses a service principal you control. You can revoke at any time from the provider console — no calls needed.

safety invariants in play

✓Assume-role model — No long-lived access keys stored — workspace assumes a short-lived role you own and can revoke.

expected result

Sidebar shows workspace state.

use ← / → to navigate

engineering principle

The VS Code extension authenticates with the same API key as the desktop. No separate IDE login, no copy-paste of session cookies. The DevOps Engineer cites back to specific log lines so suggestions are verifiable, not hand-wavy.

Platform reference →Architecture overview →← Back to all scenarios Set up your real workspace →