ScalixScalix Docs
Sign up

Scalix Coder

AI coding agent for your terminal and VS Code — edit code, run commands, and build with Scalix

text
 ███████╗ ██████╗ █████╗ ██╗     ██╗██╗  ██╗
 ██╔════╝██╔════╝██╔══██╗██║     ██║╚██╗██╔╝
 ███████╗██║     ███████║██║     ██║ ╚███╔╝
 ╚════██║██║     ██╔══██║██║     ██║ ██╔██╗
 ███████║╚██████╗██║  ██║███████╗██║██╔╝ ██╗
 ╚══════╝ ╚═════╝╚═╝  ╚═╝╚══════╝╚═╝╚═╝  ╚═╝
            c o d e r

Scalix Coder is an AI coding agent that runs in your terminal and as a VS Code extension. It gives the model direct, sandboxed access to your codebase — file editing, shell, search, git, web, and more — so you can build, refactor, and debug in plain language. It runs on your Scalix account's models (the Scalix Lumio family) and can be pointed at any OpenAI-compatible endpoint you bring.

It's a separate product from Scalix Cloud — install it on its own; no platform account is required to try it, though connecting your Scalix API key unlocks the hosted models.

Install

bash
npm install -g scalix
scalix            # launch the terminal agent in your project

On first run you'll be prompted for an API key (create one in the console). The key is stored in your OS credential store — macOS Keychain, Windows DPAPI, or Linux secret-tool — never in a plaintext file. (Set SCALIX_NO_KEYCHAIN=1 to keep it in the config file instead, e.g. in CI.) The agent then discovers the models available to your account.

Permission modes

Coder never edits files or runs commands without your control. Switch modes at any time:

ModeBehavior
planRead-only — explores and proposes, never writes
defaultAsks before each file write or command
autoAuto-approves safe edits/commands; asks on risky ones
yoloFull autonomy (use in a sandbox/disposable checkout)

Approvals fail closed: if there's nothing to ask (headless runs, a disconnected UI), anything that would need confirmation is denied rather than silently allowed — only yolo bypasses confirmation. You can also define scoped permission rules in settings to always-allow or always-deny specific tools by name and arguments (e.g. allow run_command only for npm test).

What it can do

40 built-in tools, grouped:

  • Code — read, write, and surgically edit files; ripgrep search; directory tree; Jupyter notebooks
  • Shell & git — run commands, stage/commit, create and undo checkpoints
  • Web & browser — fetch pages, web search, and headless browser automation (navigate, click, type, screenshot)
  • Vision & voice — analyze images; voice input
  • Sub-agents — delegate a task to an isolated agent with its own scoped tools

Plus: auto-compression for long sessions, per-model context limits, complexity-based model routing with fallback, and token/cost tracking with per-session/day/month budgets.

VS Code extension

The same agent ships as a VS Code sidebar — install Scalix Coder from the Marketplace:

bash
code --install-extension scalix.scalix

Inline diffs, inline chat (Cmd+I), tab completion, codebase search, a model picker, checkpoints, and session history. Tool permissions are approved right in the chat — allow once, always-allow a tool for the session, or deny — and a live chip tracks the session's tokens and cost. Checkpoints snapshot your working tree without touching it, so restoring is always safe.

Safety

Coder runs inside a security sandbox: path-traversal prevention with symlink resolution, a command blocklist, secret-scrubbed environments for spawned commands and hooks, prompt-injection detection on fetched content, and SSRF protection that blocks private networks, cloud metadata endpoints, DNS rebinding, and encoded-IP tricks. Combined with the permission modes, you stay in control of every side effect.

Workspace trust. Project-local executable surfaces — plugins, hooks, rules, and local settings overrides — only load in workspaces you've explicitly trusted, so opening a freshly cloned repo never silently runs its code. Trust a workspace with /trust in the terminal UI; in VS Code, Coder follows VS Code's own workspace-trust decision. For CI and headless runs, set SCALIX_TRUST_WORKSPACE=1.

Customize

  • Custom commands — reusable prompts in .scalix/commands/*.md
  • Plugins — add your own tools under .scalix/plugins/
  • Hooks — pre/post tool-use hooks via .scalix/hooks.json, written in POSIX shell (on Windows they run through Git Bash); a hook that times out blocks the tool call
  • Project memory — Coder auto-detects your stack, conventions, and git context

Plugins, hooks, and rules are gated behind workspace trust (see above).

How it relates to the rest of Scalix

  • Scalix Coder (this) — the coding agent you run locally.
  • Scalix Cloud — the platform Coder can deploy to (databases, functions, storage, AI).
  • MCP & agent-native — operate Scalix Cloud from any AI agent, not just Coder.