Securie for Continue — autonomous-coding security for the open Continue.dev plugin

roadmap

Continue is the open-source autonomous-coding plugin (VS Code + JetBrains). Like Cline, it executes operations without per-step approval. Same security envelope: agent-scope guards on autonomous operations + specialist fleet review on every PR + secret_scanner live-validation of `.continue/` directory inclusion.

Updated

What it does

Continue ships an open-source MCP integration — meaning the April 2026 Anthropic MCP RCE class affects Continue users. Securie's mcp-guard + secret_scanner + agent-scope crates close the autonomous-edit + MCP-trust + credential-leak surfaces in one pipeline.

When to use it

Teams using Continue.dev in production-adjacent repos.

Limitations

Roadmap. Continue-internal plugin integration is post-GA.

Install

  1. Install Securie GitHub App on the repo Continue operates on
  2. Add `.continue/` to .gitignore + .npmignore (the Bitwarden CLI Apr 2026 hijack hunted this path)
  3. Configure Continue's autonomous-operation allowlist to exclude destructive operations
  4. Push any Continue-committed change; Securie reviews + sandbox-verifies

Listed on

Continue.dev