Use Cases
What Codehere does well today — and where it has limits.
What Works Well Today
Understand an Unfamiliar Codebase
You inherited a codebase with no documentation. Index it, then ask natural-language questions to quickly find where things are and how they work.
What it does:
- Builds semantic embeddings locally (SQLite)
- Returns relevant files and code snippets
- Works best with TypeScript/JavaScript codebases
- Per-repository isolation — no cross-project leakage
Limitation: Best for repos under 100K lines. Large repos may be slow to index.
Safe AI-Assisted Code Editing
Fix files with AI assistance. Every instruction is scanned for prompt injection first. Every generated change passes SAST before touching your files.
What it does:
- Prompt injection scan on every instruction
- SAST scanning on every AI-generated edit
- Automatic backup before changes
- Rollback if something goes wrong
Limitation: Single-file editing only. Multi-file editing is on the roadmap.
Plan Complex Changes Before Doing Them
Break down a big task into steps before writing any code. See which files will be affected, what the dependencies are, and what the risks are.
What it does:
- Step-by-step task breakdown
- Identifies affected files and dependencies
- Risk assessment for each step
- Uses codebase context for realistic plans
Limitation: Plans are AI-generated suggestions, not guaranteed-correct blueprints. Always review.
Security-Conscious Development
Every AI-generated code change passes through a safety pipeline. It catches SQL injection, hardcoded secrets, and unsafe patterns before they reach your codebase.
What it does:
- Prompt injection detection on the instruction
- AI SAST scanner checks generated code
- Detects hardcoded secrets and passwords
- Catches unsafe patterns: eval, exec, path traversal, ReDoS
Limitation: SAST is pattern-based. Not a replacement for a professional security audit.
Privacy-First AI Assistance
Run completely offline with Ollama. Or use cloud providers — but your code index always stays local. No telemetry. No data collection.
What it does:
- Local SQLite storage for all data
- Works fully offline with Ollama
- No telemetry or analytics — ever
- Per-repo data isolation
Limitation: Local models (Ollama) require a machine with at least 8GB RAM. Quality varies by model.
Multi-Step Orchestration
Coordinate multi-step changes across your codebase. Codehere breaks down the task, executes steps in order, and validates along the way.
What it does:
- Multi-agent coordination
- Step-by-step execution with validation
- Uses codebase context for accurate changes
- Review gates at each step
Limitation: Complex orchestrations with many files can be slow and may need manual intervention.
What We're Building Next
These are built or in progress — targeting v0.2.0. Not yet published to npm. See the full roadmap for details.
Safety Benchmark (50 Patterns)
A public, reproducible benchmark: 50 attack patterns across 5 categories. Built and runnable from source. Targeting inclusion in v0.2.0 npm release.
Prompt Injection Detection
Every instruction scanned for adversarial patterns before it reaches the AI. Built into the safety pipeline. Targeting v0.2.0.
VS Code Extension
Alpha code exists but is untested with real users. Not published to the VS Code Marketplace yet. Do not rely on it.
Multi-File Editing
Coordinate changes across multiple files in a single operation with dependency awareness.
Known Limitations
We believe in honesty. Here's what Codehere doesn't do well yet:
Try it yourself
Free, open source, works offline. Install and start asking questions in under 2 minutes.