SiteShadow
← All docs

Getting Started

Start free, install the extension, plug in a license key, and scan your first file, about five minutes end to end.

1. Create or open your account

Start with a free account at siteshadow.com/dashboard/signup?plan=free, or sign in at siteshadow.com/dashboard if your team already has access.

2. Download the editor extension

Grab the latest VSIX from the Settings › Extension tab. The download is served by the authenticated product API, not a public static asset URL. The file bundles the signed editor client; analysis itself runs server-side.

3. Install in VS Code or Cursor

  1. Open VS Code or Cursor.
  2. Press ⌘⇧P (macOS) or Ctrl+Shift+P (Windows / Linux) to open the Command Palette, type Install from VSIX, and press Enter.
  3. Select the downloaded .vsix file.
  4. Reload the editor if prompted.

Prefer the terminal? Use your editor's packaged extension-install command with the authenticated file you downloaded from the dashboard.

4. Enter your license key

On first activation SiteShadow prompts for a license key. You can find yours at Settings › Subscription, click the eye icon to reveal, then copy. Free-tier keys start with SS-FREE-…; paid keys start with SS-PRO-….

Lost your key? There's no way to recover a hashed key; regenerate from the dashboard's Subscription tab and paste the new one into the extension.

5. Run your first scan

Single file

Open any .py, .js, .ts, .go, .java, or .cs file and save it. SiteShadow scans on save and surfaces findings inline as diagnostics (squiggles) plus a status-bar summary.

Whole project

Open the Command Palette and run SiteShadow: Analyze Project. The extension walks your workspace (respecting .gitignore), POSTs to /analyze-project, and renders a full Markdown report covering cross-file taint, secrets, and IaC issues that single-file scans can't see. Click Export as PDF in the completion toast to download the same report as a PDF.

6. Explore your results

What's next?