Under the DPDP Act 2023, a single committed Aadhaar line can become a regulatory event. Seercode runs where the mistake happens — inside VS Code — and flags Indian PII, payment rails, and credential patterns before git push.

Generic “secret scanners” miss Verhoeff-validated Aadhaar, PAN entity letters, UPI handles, and Razorpay-style keys that Indian teams actually paste into repos. Seercode combines Indian-first detectors with the same class of API-key heuristics you expect from a secrets tool — entirely on your machine.

Why this exists

Most leaks are accidents: test fixtures, screenshots-as-code, hurry merges. Seercode is tuned for speed without shame — red underlines, Problems panel, toggleable rules, and plain-language DPDP context.

01

Indian-first detection

Aadhaar (Verhoeff), PAN (entity letter), UPI, IFSC, EPIC, passport, DL — not generic US-centric regex only.

02

100% local

No API calls, no telemetry, no “opt-in analytics.” Scan happens in your extension host process.

03

Real-time

Debounced diagnostics as you type — not a nightly batch scan of main.

04

Low false positives

Checksums and structure checks before we underline a 12-digit number.

05

DPDP-aware copy

Each class of detection carries context about why it matters in Indian law.

06

Free forever

Founder-funded. No tier that hides “real” detections behind a paywall.

9
Detector groups
0
Data uploaded
0
Servers called
Commits saved
What it catches

Nine built-in detector groups

Every rule ships enabled by default. Turn off what you do not need; tune severity in settings.

A

Aadhaar

12-digit UIDAI numbers with Verhoeff validation and confidence scoring.

Severity: Critical
P

PAN

Format + 4th-letter entity checks (individual, company, trust, …).

Severity: Critical
@

UPI ID

Major bank and wallet handles — oksbi, ybl, paytm, phonepe, jiopay, …

Severity: High
+

Mobile

Indian mobile patterns (+91, 6/7/8/9 series) with context.

Severity: Medium
IF

IFSC

Bank branch routing format validation.

Severity: Medium
V

Voter ID

EPIC forms (old & new).

Severity: High

Passport

Indian passport pattern with context.

Severity: Critical
DL

Driving licence

State / RTO / year patterns across India.

Severity: High
$

Secrets & API keys

AWS, GitHub, OpenAI, Stripe, Razorpay, JWT, PEM blocks, database URLs, …

Severity: Critical
See it in context

Live-style leak view

Diagnostics mirror what you would see in the editor — inline underlines, Problems entries, and a human-readable warning strip.

user-kyc.js — Visual Studio Code
1// Customer onboarding data
2const user = {
3  name: "Rahul Sharma",
4  aadhaar: "234123412346", // Aadhaar
5  pan: "ABCPE1234F",
6  upi: "rahul@oksbi",
10const KEY = "sk-proj-abc...";
! Seercode found potential leaks. Do not commit this file.
India · transparency

Why Seercode is different

An honest Indian story

We leak test data that looks “real enough.”

At 2am, a cousin’s Aadhaar in fixture.json feels harmless — until it ships. Seercode treats that like production spillage because regulators do too.

US-built scanners optimize for AWS and Stripe alone. Indian teams leak UPI handles, IFSC paths, EPIC numbers, and DigiLocker-shaped strings alongside the same OpenAI keys every startup pastes. Seercode is the seam between those two realities.

Three hard firsts

First

Verhoeff Aadhaar checks in VS Code

We validate UID digits instead of firing on every 12-digit string.

First

PAN entity semantics

Fourth-letter entity classes match how portals interpret PAN categories.

First

DPDP-aware surfacing

Messaging ties detections to obligations developers can act on.

Capability Seercode Typical secrets scanner Generic Indian PII SaaS
Verhoeff Aadhaar validation YES Rarely Often web-only
PAN entity letter checks YES No Sometimes
UPI / IFSC / EPIC coverage YES No Varies
Classic API keys (AWS, OpenAI, …) YES Yes Rare
Runs entirely offline in-editor YES Mostly Often cloud
Privacy promise

Your workspace never leaves your machine.

No telemetry SDKs, no “phone home” health checks, no silent updates that exfiltrate snippets. If you find a network call originating from Seercode, treat it as a ship-stopping bug and email jaytiwari092@gmail.com.

Open source MIT 0 telemetry DPDP aligned

Read the Seercode privacy policy →

Ship checklist

Install in under a minute

1

Open VS Code

Ctrl+P / Cmd+P

2

Run

Paste and hit Enter:

ext install seerror.seercode
3

Craft safely

Problems panel + status bar light up on new leaks automatically.

Command palette

Open Ctrl/Cmd + Shift + P and type “Seercode”.

CommandWhat it does
Seercode: Scan current fileFocused pass on the active editor
Seercode: Scan entire workspaceProject-wide sweep
Seercode: Show detection reportMarkdown summary for sharing
Seercode: Toggle detectorEnable/disable individual rules
Seercode: AboutVersion, links, support

Part of the Seerror suite

Same neon/dossier ethos as the Chrome extensions — Seercode is product 07 and sits beside Seerpack on VS Code.

01 · Chrome
SeerSign

Document forensics
02 · Chrome
Seerguard

Extension x-ray
03 · Chrome
Seertrap

WhatsApp shield
04 · Chrome
Seerraze

Discord cleaner
05 · VS Code
Seerpack

npm trust
06 · Chrome
Seerveil

Browser VPN
07 · VS Code · Here
Seercode

PII & secrets
FAQ

Questions

No — it complements them with Indian identifiers and in-editor ergonomics. Keep your existing gates; add Seercode for the PII layer developers forget.

Never by design. Read the Seercode privacy policy and audit the open source tree if you need proof.

Yes. All pattern engines ship inside the extension; there is no cloud inference step.

Any text you can open in VS Code — JS/TS, Python, Go, JSON, YAML, env files, SQL dumps, etc. If it is bytes on disk, we can underline it.

Install from the VS Code Marketplace
Get Seercode
Marketplace → Install → Reload → open a repo → type risky test data to see it light up