Plugin
A skill drop for any AI coding tool. One-time purchase, runs entirely inside the tool.
The Snitch Plugin is a skill that loads into your existing AI coding tool (Claude Code, Cursor, Codex, Windsurf, and 30+ others). You ask the AI to run a security audit, the skill loads the 72-category methodology, and findings come back inline in your normal AI chat.
How it works
- Buy the Plugin. You get a one-line install command tied to your account email.
- Run the install command from your AI tool's skill / extension manager.
- In any chat, ask: "Run a Snitch security audit on this file" (or directory, or repo).
- The skill loads the methodology and walks the AI through a structured audit.
- Findings come back in chat as a structured report.
No subscription, no second AI bill. The Plugin runs inside the AI tool you already use, so it inherits that tool's auth and sends prompts to whichever AI provider that tool is configured for. Snitch's servers are out of the loop after the one-time install.
Categories
72 categories at the moment of purchase: injection, auth, secrets, supply chain, AI-specific risks, access control, crypto, platform-specific patterns, and more. Plugin methodology is fixed at purchase time and stays that way (no internet calls, no auto-updates). Want updated methodology? The CLI and Action refresh on every scan.
Compatible AI tools
Claude Code, Cursor, Windsurf, Codex (OpenAI), Gemini Code Assist, Continue, Aider, Cline, Roo Code, and more. If your AI tool supports Markdown skills or system-prompt extensions, it works.
Pricing
One-time purchase. See pricing.
Privacy
The Plugin runs locally inside your AI tool. The license check pings snitchplugin.com once at install time, and after that Snitch's servers never receive your code, your findings, or the repo identity. The AI tool you're running it in (Claude Code, Cursor, Codex, etc.) does see your code and sends prompts to whichever AI provider that tool is configured for. That's the same flow as any other prompt you send in that tool, with whatever privacy posture that provider already has with you.