
The first Solana extension with built-in static analysis detectors and fuzzing coverage visualization. Catch common security vulnerabilities as you code and see exactly which lines Trident fuzz tests cover, without leaving your IDE.
Even experienced developers miss things. Code reviews miss things. Tests miss edge cases. This extension adds an extra pair of eyes - catching common issues in real-time and showing you which paths your fuzz tests actually covered. Part of professional development workflow, not a replacement for good practices.
Enhance your Solana development workflow with built-in security scanning. The extension automatically detects common security issues in your Solana programs.
Manual Lamports Zeroing: Detects unsafe manual lamports zeroing patterns
Missing Check Comment: Identifies critical code sections lacking security check comments
Immutable Account Mutated: Identifies when code attempts to modify an account marked as immutable
Instruction Attribute Invalid: Detects invalid instruction attributes that could cause runtime errors
Instruction Attribute Unused: Finds unused instruction attributes that might indicate logic errors

Missing InitSpace Macro: Catches account creation without proper space initialization

Missing Signer: Alerts when code fails to verify required signers

Sysvar Account: Detects improper sysvar account access methods

Unsafe Math: Identifies mathematical operations that could lead to overflows

The integration is automatic once you have the proper structure:
trident-tests directory in your workspacetrident-tests directorycargo llvm-cov to generate JSON coverage reportsCommands available:
solana: Show Code Coverage - Opens coverage visualizationsolana: Close Code Coverage - Closes coverage displayThe extension offers two coverage modes:
The extension activates when:
trident-tests directoryConfiguration options (in VS Code Settings):
"tridentCoverage.showExecutionCount": true, // Show execution counts
"tridentCoverage.executionCountColor": "CYAN", // Choose color
To display coverage, use the guidance on this page.
The extension will automatically find coverage reports in trident-tests and visualize which lines are covered by your tests with color-coded highlighting based on execution frequency, directly in your editor:

solana: Scan Workspace for Security Issues (Ctrl+Alt+S / Cmd+Alt+S)solana: Reload Security Detectors (Ctrl+Alt+R / Cmd+Alt+R)solana: Show Code Coveragesolana: Close Code Coveragesolana: Show Security Scan Outputnightly-2025-09-18) for Solana program security scanningrustup toolchain install nightly-2025-09-18cargo install cargo-dylint dylint-linksolana: Scan Workspace for Security Issues to scan for security vulnerabilitiessolana: Show Code Coverage to visualize code coverage from Trident testsserver.path: Path to the Solana language server binary (leave empty to use bundled version)tridentCoverage.showExecutionCount: Show execution count numbers next to covered statementstridentCoverage.executionCountColor: Color of the execution count displayEnjoy the extension? Consider giving it a review!
Get help and give feedback in our Discord
Follow Trident on X
$ claude mcp add solana-vscode \
-- python -m otcore.mcp_server <graph>