Documentation

Everything you need to know about securing your code with CodeShield Local.

v1.0.0
Last updated: Dec 1, 2025

Introduction

CodeShield Local is a privacy-first security auditing tool designed to run entirely on your local machine. Unlike cloud-based scanners, CodeShield ensures that your source code never leaves your device.

It combines traditional static analysis (SAST) with local Large Language Models (LLMs) to provide deep insights, reduce false positives, and suggest intelligent fixes.

Installation

# Clone the repository
git clone https://github.com/yourusername/codeshield-local.git

# Enter the project directory created by the clone
cd codeshield-local

# Install dependencies
npm install

# Start the development server
npm run dev

Prerequisites

  • Node.js v18 or higher
  • Ollama (for AI features)
  • Git

Configuration

CodeShield Local works out of the box, but you can configure the AI model settings for better performance.

Setting up Ollama

To enable AI features, you need to have Ollama running locally.

  1. Download Ollama from ollama.com
  2. Run ollama pull deepseek-coder in your terminal
  3. Ensure Ollama is running with ollama serve
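
A preflight check for the Ollama setup above, as an added example that is not part of CodeShield Local itself: it confirms the model from step 2 is pulled and that Ollama is configured for loopback only, so prompts containing source code stay on the machine. It assumes Ollama's default address 127.0.0.1:11434, its OLLAMA_HOST environment variable and its GET /api/tags endpoint; the function names and SAMPLE_TAGS are made up for this example.

```javascript
// Added example, not CodeShield's own code. Assumptions: Ollama listens on
// 127.0.0.1:11434 unless OLLAMA_HOST overrides it, GET /api/tags lists the
// pulled models, and this shell sees the same OLLAMA_HOST as the server.

// Turn an OLLAMA_HOST value ("host", "host:port", "http://host:port") into a URL.
function ollamaBaseUrl(value) {
  const raw = (value || "127.0.0.1:11434").trim();
  const hasScheme = raw.includes("://");
  const url = new URL(hasScheme ? raw : `http://${raw}`);
  if (!hasScheme && !url.port) url.port = "11434"; // Ollama's default port
  return url;
}

// True only when the configured address is a loopback address.
function isLoopbackOnly(value) {
  const host = ollamaBaseUrl(value).hostname.replace(/^\[|\]$/g, "");
  return host === "localhost" || host === "::1" || /^127\./.test(host);
}

// True when the /api/tags response lists the model ("name" implies "name:latest").
function hasModel(tags, wanted) {
  const full = wanted.includes(":") ? wanted : `${wanted}:latest`;
  return (tags.models || []).some((m) => m.name === full);
}

// Returns a list of problems; an empty list means the setup matches the docs.
async function preflight(env = process.env, model = "deepseek-coder") {
  const problems = [];
  if (!isLoopbackOnly(env.OLLAMA_HOST)) {
    problems.push(`OLLAMA_HOST=${env.OLLAMA_HOST} exposes the model API beyond loopback`);
  }
  try {
    const res = await fetch(new URL("/api/tags", ollamaBaseUrl(env.OLLAMA_HOST)));
    if (!hasModel(await res.json(), model)) problems.push(`model ${model} is not pulled`);
  } catch (err) {
    problems.push(`Ollama is not reachable: ${err.message}`);
  }
  return problems;
}

// Offline check on a constructed /api/tags response and two host settings.
const SAMPLE_TAGS = { models: [{ name: "deepseek-coder:latest" }] };
console.log(hasModel(SAMPLE_TAGS, "deepseek-coder"));
console.log(isLoopbackOnly("127.0.0.1:11434"), isLoopbackOnly("0.0.0.0:11434"));
```

With Ollama running, call preflight().then(console.log) before starting a scan; an empty array means both checks passed.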

Running Scans

1. Upload

Navigate to the "Scan" page and drag & drop your project ZIP file. The system supports .zip files containing source code.

2. Analyze

The scan starts automatically. You'll see real-time progress as the static analyzer and AI engine process your files.

Understanding Reports

The dashboard provides a comprehensive view of your project's security posture.

Critical Vulnerabilities

Issues that pose an immediate threat, such as SQL Injection or Hardcoded Secrets. These should be fixed immediately.

Warnings

Potential issues or code smells that could lead to vulnerabilities. Review these carefully.

AI Auto-Remediation

CodeShield uses local LLMs to suggest fixes for detected vulnerabilities.

How to use it

Click on any finding in the dashboard to open the details view. Then, click the "Remediate with AI" button. The system will generate a code patch that you can copy and apply to your codebase.