SiteShadow
Request access Login
Menu
Login Home Library Proofs Docs Pricing Blog Privacy
Request access
← All docs

Getting Started

Install the extension, plug in a license key, and scan your first file — about five minutes end to end.

1. Download the VSIX

Sign in to the dashboard, then grab the latest VSIX from Settings › Extension tab, or directly from siteshadow.com/extension/download. The direct download URL requires an active dashboard session. The current extension version is 0.4.9. The file is about 40 KB — it bundles the client that talks to api.siteshadow.com/analyze; analysis itself runs server-side.

2. Install in VS Code or Cursor

  1. Open VS Code or Cursor.
  2. Press ⌘⇧P (macOS) or Ctrl+Shift+P (Windows / Linux) to open the Command Palette, type Install from VSIX, and press Enter.
  3. Select the downloaded .vsix file.
  4. Reload the editor if prompted.

Prefer the terminal? Run:

cursor --install-extension /path/to/siteshadow-0.4.9.vsix
# or, for VS Code
code --install-extension /path/to/siteshadow-0.4.9.vsix

3. Enter your license key

On first activation SiteShadow prompts for a license key. You can find yours at Settings › Subscription — click the eye icon to reveal, then copy. Free-tier keys start with SS-FREE-…; paid keys start with SS-PRO-….

Lost your key? There's no way to recover a hashed key; regenerate from the dashboard's Subscription tab and paste the new one into the extension.

4. Run your first scan

Single file

Open any .py, .js, .ts, .go, .java, or .cs file and save it. SiteShadow scans on save and surfaces findings inline as diagnostics (squiggles) plus a status-bar summary.

Whole project

Open the Command Palette and run SiteShadow: Analyze Project. The extension walks your workspace (respecting .gitignore), POSTs to /analyze-project, and renders a full Markdown report covering cross-file taint, secrets, and IaC issues that single-file scans can't see. Click Export as PDF in the completion toast to download the same report as a PDF.

5. Explore your results

What's next?