diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 00000000..56b38618
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "image": "mcr.microsoft.com/devcontainers/universal:2",
+ "hostRequirements": {
+ "cpus": 4
+ },
+ "waitFor": "onCreateCommand",
+ "updateContentCommand": "python3 -m pip install -r requirements.txt",
+ "postCreateCommand": "",
+ "customizations": {
+ "codespaces": {
+ "openFiles": []
+ },
+ "vscode": {
+ "extensions": [
+ "EditorConfig.EditorConfig",
+ "ms-python.python"
+ ]
+ }
+ }
+ }
\ No newline at end of file
diff --git a/oletools/olevba.py b/oletools/olevba.py
index a44bb777..b22decb6 100644
--- a/oletools/olevba.py
+++ b/oletools/olevba.py
@@ -2183,7 +2183,7 @@ def detect_autoexec(vba_code, obfuscation=None):
 for keyword in keywords:
 #TODO: if keyword is already a compiled regex, use it as-is
 # search using regex to detect word boundaries:
- match = re.search(r'(?i)\b' + re.escape(keyword) + r'\b', vba_code)
+ match = re.search(r'(?i)^(?:[^\']|\b).*\b' + re.escape(keyword) + r'\b', vba_code)
 if match:
 found_keyword = match.group()
 results.append((found_keyword, description + obf_text))
@@ -2192,7 +2192,7 @@ def detect_autoexec(vba_code, obfuscation=None):
 for keyword in keywords:
 #TODO: if keyword is already a compiled regex, use it as-is
 # search using regex to detect word boundaries:
- match = re.search(r'(?i)\b' + keyword + r'\b', vba_code)
+ match = re.search(r'(?i)^(?:[^\']|\b).*\b' + keyword + r'\b', vba_code)
 if match:
 found_keyword = match.group()
 results.append((found_keyword, description + obf_text))
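Review bot: The new pattern on the `+ match = re.search(...)` line anchors with `^` but the call passes no `re.MULTILINE`, and the `.*` in the middle does not cross newlines, so a keyword is now only detected when it sits on the very first line of `vba_code`; every later line of the module is never matched, which would silence most autoexec and suspicious-keyword detections. The next hunk and both `detect_suspicious` hunks at 2218 and 2226 make the identical change. Two further effects: `found_keyword = match.group()` now returns the whole prefix from the start of the buffer rather than the keyword itself, and the `(?:[^\']|\b)` guard only inspects the first character of the whole buffer, so an indented or later-line `'` comment is not actually filtered. If the intent is to skip keywords inside VBA comments, anchor per line and capture the keyword, e.g. `match = re.search(r'(?im)^[^\'\n]*?(\b' + re.escape(keyword) + r'\b)', vba_code)` with `found_keyword = match.group(1)` (or strip comment lines before matching), bearing in mind that this also skips a keyword that follows an apostrophe inside a string literal on the same line. `detect_autoexec` starts before and ends after this hunk.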
@@ -2218,7 +2218,7 @@ def detect_suspicious(vba_code, obfuscation=None):
 for keyword in keywords:
 # search using regex to detect word boundaries:
 # note: each keyword must be escaped if it contains special chars such as '\'
- match = re.search(r'(?i)\b' + re.escape(keyword) + r'\b', vba_code)
+ match = re.search(r'(?i)^(?:[^\']|\b).*\b' + re.escape(keyword) + r'\b', vba_code)
 if match:
 found_keyword = match.group()
 results.append((found_keyword, description + obf_text))
@@ -2226,7 +2226,7 @@ def detect_suspicious(vba_code, obfuscation=None):
 for keyword in keywords:
 # search using regex to detect word boundaries:
 # note: each keyword must NOT be escaped because it is an actual regex
- match = re.search(r'(?i)\b' + keyword + r'\b', vba_code)
+ match = re.search(r'(?i)^(?:[^\']|\b).*\b' + keyword + r'\b', vba_code)
 if match:
 found_keyword = match.group()
 results.append((found_keyword, description + obf_text))