IT Get in touch

Tutorial: Cline in VS Code with manual approval on every action

Cline (formerly Claude Dev) used in VS Code to generate boilerplate and tests with manual review of every diff. Multi-provider configuration, auto-approve disabled, config management for SME teams.

Open SourceAITutorial
Open SourceAITutorial Open SourceAIAgenticTutorialClineVS CodeSME
SMEs

Small and Medium Enterprises

In-house SME development teams adopting AI assistants in the IDE while keeping review and traceability constraints.

Discover →

Preliminary notes

This tutorial is provided “as-is”. Before running it on an active repository:

  • Work on a dedicated branch, not on main.
  • Back up (or push to remote) the starting branch before letting the agent act.
  • Never place secrets into prompts. Cline ships content to the configured LLM provider.
  • Keep auto-approve off for destructive actions until you are comfortable with the agent.
  • Mode and settings syntax has changed more than once across versions: check the project’s current docs.

What Cline is

Cline — first published as Claude Dev and renamed in autumn 2024 — is an open-source VS Code extension (github.com/cline/cline) that turns the editor into a coding agent. Unlike a plain autocomplete, Cline can read and write files, run terminal commands and launch headless browsers to inspect the running app. Every proposed action appears in a side panel and requires approval.

The default interaction model is deliberately conservative: the user reviews every diff and every command before it is applied. This matches SME teams that introduce AI assistants without giving up control of the code that lands.

Use case: generating a REST endpoint with tests in a Node microservice

A 3-developer team on an Express/TypeScript microservice. We need to add GET /api/v1/invoices/:id with validation and tests. We want Cline to produce code, but every file must be reviewed before hitting CI.

1. Install

From VS Code: Ctrl+Pext install saoudrizwan.claude-dev (historical ID preserved for compatibility). The Cline icon appears in the sidebar after installation.

2. Provider configuration without exposing the key

Cline supports Anthropic, OpenAI, OpenRouter, Google, Bedrock and local Ollama. The key is entered in the extension Settings, not in the workspace .vscode/settings.json (which may be committed by mistake).

VS Code → Settings → Extensions → Cline → API Provider: [Anthropic | OpenRouter | Ollama | ...]
VS Code → Settings → Extensions → Cline → API Key: <key>

For environments where the key must not touch disk, launch VS Code with the environment variable already exported (support depends on the version) or use local Ollama, which needs no key.

3. Disable auto-approve

In the extension’s Auto-approve section, keep the following off:

  • Execute commands
  • Edit files outside the workspace
  • Use the browser

You may keep read access to workspace files enabled (the only non-destructive action). On production repos, also keep Edit files on manual approval until the agent flow is stable.

4. Starting prompt

In the Cline panel:

“In the current project (src/), add endpoint GET /api/v1/invoices/:id. It must: (a) validate that :id is a UUIDv4; (b) return 404 if the record does not exist; (c) return the object as JSON. Add an integration test in tests/invoices.test.ts covering both branches. Do not touch files outside src/routes, src/validators and tests/.”

Notes on the prompt:

  • Explicit path constraints limit the agent’s blast radius.
  • Measurable acceptance criteria (UUID validation, HTTP codes, both test branches).
  • Explicit test request: an agent not told to write tests often does not.

5. Diff review

Cline shows proposed diffs with “Save” / “Reject” per file. For each file:

  1. Read the full diff.
  2. Check that no code is added under node_modules/, dist/ or other unintended paths.
  3. If a test pulls in unnecessary setup (e.g. DB mocks that already exist), reject the file and re-instruct with a tighter prompt.

6. Granular commit

Immediately after approving, commit manually with a human message. Avoid bundling multiple Cline sessions into one commit: if something breaks, git bisect will thank you.

Limits and caveats

  • Token cost is non-trivial: Cline sends a lot of context to the model per action. On medium-sized repos, a long session can easily cost more than an hour of junior-developer time. Monitor spend.
  • Auto-approve for commands is a dangerous temptation: one ambiguous prompt is enough for the agent to run a “cleanup” rm -rf in a build directory. Keep it off by default.
  • Does not replace code review: the fact that the agent wrote the code does not remove the need for PR review. It may actually make it more necessary, because repetitive patterns generated by the agent tend to hide unverified assumptions.
  • Versioning the config: if you commit .clinerules or .clineignore to the repo, document it in the README: whoever clones should know the repo is “AI-assisted” and what rules apply.

Link: github.com/cline/cline

Stefano Noferi — Founder e CEO/CTO di noze
Tech Entrepreneur — AI Governance & Security Architect

Need support? Under attack? Service Status
Need support? Under attack? Service Status