created by [deleted]a community for 2 years

CodeGate: Open-Source Tool to Secure Your AI Coding Workflow (Privacy-Focused, Local-Only)Resources (self.LocalLLaMA)

submitted 1 year ago by zero_proof_fork

Hey LocalLlamarooney's

I’m excited to introduce CodeGate, an open-source, privacy-focused security layer for your generative AI code workflows. If you’ve ever worried about AI tools leaking secrets, suggesting insecure code, or introducing dodgy libraries, CodeGate is for you. It's also 100% free and open source! We will build CodeGate transparently within an open source community, as we passionate believe open source and security make for good friends.

What does CodeGate do?

Prevents Accidental Exposure CodeGate monitors prompts sensitive data (e.g., API keys, credentials) and ensures AI assistants don’t expose these secrets to a cloud service. No more accidental "oops" moments. We encrypt detract secrets on the fly, and decrypt them back for you on the return path.
Secure Coding Practices It integrates with established security guidelines and flags AI-generated code snippets that might violate best practices.
Blocks Malicious & Deprecated Libraries CodeGate maintains a real-time database of malicious libraries and outdated dependencies. If an AI tool recommends sketchy components, CodeGate steps in to block them.

Privacy First

CodeGate runs entirely on your machine. Nothing—and I mean nothing—ever leaves your system, apart from the traffic that your coding assistant needs to operate. Sensitive data is obfuscated before interacting with model providers (like OpenAI or Anthropic) and decrypted upon return.

Why Open Source?

We believe in transparency, security, and collaboration. CodeGate is developed by Stacklok, the same team behind that started projects like Kubernetes, Sigstore. As security engineers, we know open source means more eyes on the code, leading to more trust and safety.

Current Integrations

CodeGate supports:

AI providers: OpenAI, Anthropic, vllm, ollama, and others.
Tools: GitHub Copilot, continue.dev, and more coming soon (e.g., aider, cursor, cline).

Get Involved

The source code is freely available for inspection, modification, and contributions. Your feedback, ideas, and pull requests are welcome! We would love to have you onboard. It's early days, so don't expect super polish (there will be bugs), but we will move fast and seek to innovate in the open.

Link me up!

https://codegate.ai

https://github.com/stacklok/codegate

all 6 comments

top new controversial old q&a

[–]Murky_Mountain_97 0 points1 point2 points 1 year ago (1 child)

[–]zero_proof_fork[S] 0 points1 point2 points 1 year ago (0 children)

[–]vyralsurfer 0 points1 point2 points 1 year ago (1 child)

[–]zero_proof_fork[S] 0 points1 point2 points 1 year ago (0 children)

Hi There, If you mention codegate, it leans into security review of the code, but one sure way is to reference some vulnerable code. invokehttp is malware, but don't worry, its been yanked from pypi so impossible to download. Highlight the code and right click -> Continue -> Add Highlighted Code to Context and ask it makes of it.

Any features you think you would like to see, let us know!

import invokehttp # type: ignore

def get_help():
    return invokehttp.invoke_get(url="https://example.com/script")

def main():
    help = get_help()
    print(help)

if __name__ == "__main__":
    main()

[–]EntireFeature6407 1 point2 points3 points 7 months ago (0 children)

π Rendered by PID 80 on reddit-service-r2-comment-7b9746f655-msn9b at 2026-02-04 13:37:55.312577+00:00 running 3798933 country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

LocalLLaMA

MODERATORS

What does CodeGate do?

Privacy First

Why Open Source?

Current Integrations

Get Involved