Skip to main content
The Sparkle Guardrails extension applies project-aware security and compliance guardrails whenever you use AI coding features in your IDE. Sparkle runs in the background and fetches relevant guardrails through the Sparkle MCP server before your agent plans or generates code.

Quick start

If you have not installed the extension yet, start with the setup guide for your editor. After installation, complete these steps:
1

Sign in

Open the Sparkle sidebar from the activity bar, or run Sparkle: Sign In from the Command Palette (Cmd+Shift+P or Ctrl+Shift+P).Sign up or sign in at app.thesparkle.ai when prompted. No credit card is required.
2

Open your project

Open the repository you want Sparkle to protect. Sparkle resolves guardrails from your connected Sparkle workspace and the repository’s remote.
3

Use AI features

Use your IDE’s AI chat or agent as you normally would. Sparkle applies guardrails on every prompt without changing your workflow.
The extension bundles the Sparkle CLI and runs setup automatically after sign-in. You do not need to run sparkle setup separately when using the extension.

Sparkle sidebar

Click the Sparkle icon in the activity bar to open the Sparkle sidebar. From there you can:
  • Sign in or sign out
  • View your connection status
  • Open the sign-in tab if authentication expires
Use Sparkle: Open Sidebar from the Command Palette if the sidebar is not visible.

How guardrails are applied

When you ask your IDE agent to write or change code, Sparkle:
  1. Identifies the user intent from the prompt and target repository from your open workspace
  2. Calls the Sparkle MCP get_guardrails tool with your task and repo context
  3. Returns applicable guardrails for your organization and project
  4. Injects those guardrails into the agent context before code is generated
Guardrails cover coding best practices and security standards such as OWASP, PCI-DSS, and custom organization policies. The agent uses them during planning and code generation so issues are caught at the source rather than in review or scanning.
Guardrails are scoped to each repository. Sparkle fetches guardrails for the repo that contains the files you are changing, not for unrelated directories in the same workspace.

Command Palette commands

Run these from the Command Palette (Cmd+Shift+P or Ctrl+Shift+P):
CommandDescription
Sparkle: Sign InStart or complete the sign-in flow
Sparkle: Sign OutSign out of Sparkle on this machine
Sparkle: Open SidebarOpen the Sparkle sidebar
Sparkle: Open Sign In TabOpen the sign-in page in a browser tab
Sparkle: DiagnoseRun diagnostics and send data to Sparkle when something is not working
Sparkle: Reset All DataClear Sparkle setup data on machine and sign out

Verify guardrails are active

After sign-in, confirm Sparkle is wired correctly:
1

Run a coding prompt

Ask your agent to write or change code in a connected repository.
2

Confirm MCP is called

You should see a get_guardrails MCP call before the agent plans or generates code.
If MCP calls are skipped, see Troubleshooting for steps to force MCP usage or add a persistent IDE rule.

Extension settings

Configure Sparkle under Settings → search for Sparkle Guardrails:
SettingDefaultDescription
sparkle-guardrails.telemetryEnabledtrueUpload telemetry data to Sparkle
sparkle-guardrails.debugfalseEnable debug logging for troubleshooting
Enable debug logging if you run Sparkle: Diagnose or need to share logs with support.

Supported editors

The extension is published on Open VSX and works in: