Workspace Scanning

While real-time file buffers are analyzed instantly on every keystroke, the @promptshield/lsp package also natively orchestrates full-workspace scans explicitly requested by the editor.

To do this, it acts as a protocol bridge between your IDE and the high-performance @promptshield/workspace streaming engine.

LSP Progress API Integration

When a workspace scan is initiated (via the promptshield.scanWorkspace command), the LSP server leverages the $/progress window capabilities of the Language Server Protocol.

Because @promptshield/workspace streams results via an Async Generator, the LSP receives events and dispatches deterministic progress percentages back to the IDE's UI in real-time, completely non-blocking the main extension thread.

Markdown Report Generation

IDE Diagnostics (the squiggly lines) are ephemeral and usually limited to currently open files or explicitly requested problem panels.

To provide an audit trail of a full workspace scan, the LSP server instructs the generateWorkspaceReport utility to dump a comprehensive Markdown file representing the repository's threat landscape.

This report is written to: <workspaceRoot>/.promptshield/workspace-report.md

You can click the file:// links inside this generated report directly in VSCode to jump to the compromised files.

Caching Pass-Through

The LSP server directly inherits the configuration state (promptshield.config.json) resolved at startup. If your workspace cache mode is set to "auto" (the default) or "split", the LSP server's workspace scan will transparently utilize the exact same .promptshield/cache entries as the CLI.

This means running the CLI in CI and running the "Scan Workspace" command in VSCode share the identical underlying caching mechanisms and performance benefits.