-
Notifications
You must be signed in to change notification settings - Fork 0
Getting Started
Caspian-Explorer edited this page Feb 7, 2026
·
1 revision
- Open the Extensions view (
Ctrl+Shift+X) - Search for "Caspian Security"
- Click Install
- Download the
.vsixfile from the Releases page - Open VS Code
- Press
Ctrl+Shift+P(orCmd+Shift+Pon Mac) - Search for "Extensions: Install from VSIX"
- Select the downloaded file
Once installed, Caspian Security activates automatically when you open a supported file. There are two ways to start:
Simply open or edit any supported file. Security analysis runs automatically as you type with a 1-second debounce. Issues appear as diagnostic squiggles in the editor.
- Open the Command Palette (
Ctrl+Shift+P) - Run "Caspian Security: Check Current File"
- Issues appear in the editor and in the Problems panel (
Ctrl+Shift+M)
To scan your entire project:
- Open the Command Palette (
Ctrl+Shift+P) - Run "Caspian Security: Check Entire Workspace"
- All supported files are scanned (excluding
node_modules) - A progress indicator shows scan status — click to cancel at any time
| Mode | Trigger | Description |
|---|---|---|
| Auto Check | As you type | Real-time analysis with 1-second debounce (enabled by default) |
| Check on Save | File save | Full check on every save (enabled by default) |
| Manual Scan | Command Palette | Scan current file or a specific category on demand |
| Workspace Scan | Command Palette | Scan all supported files in the project with progress |
| Uncommitted Scan | Command Palette / SCM menu | Scan only git-modified files |
| Dependency Check | Command Palette / Workspace scan | Check for outdated packages and known vulnerabilities |
After running a scan, open the interactive results panel:
- Command Palette > "Caspian Security: Show Results Panel"
- Or click on any diagnostic squiggle and use the Quick Fix menu
The results panel shows:
- Summary -- total issues grouped by severity (Error / Warning / Info)
- Issue table -- each issue with file, line, rule code, description, and confidence badge
-
Actions per issue:
- AI Fix -- generate a context-aware AI fix
- Verify -- re-scan to confirm resolution
-
Ignore -- suppress the issue and write to
.caspianignore - Go to Line -- jump to the issue in the editor
- Export buttons -- JSON, CSV, and SARIF export in the panel header
Open the Command Palette (Ctrl+Shift+P) and search for any of these:
| Command | Description |
|---|---|
| Caspian Security: Check Current File | Scan the active file |
| Caspian Security: Check Entire Workspace | Scan all supported files |
| Caspian Security: Run Full Security Scan | Scan all categories |
| Caspian Security: Fix Issue with AI | Generate an AI-powered fix |
| Caspian Security: Configure AI Fix Provider | Set up API key for Claude, GPT-4, or Gemini |
| Caspian Security: Verify Issue Resolution | Re-scan to confirm an issue is resolved |
| Caspian Security: Ignore Issue | Mark as ignored, write to .caspianignore
|
| Caspian Security: Show Results Panel | Open the interactive results panel |
| Caspian Security: Export Results to JSON | Export as JSON |
| Caspian Security: Export Results to CSV | Export as CSV |
| Caspian Security: Export Results to SARIF | Export SARIF v2.1.0 |
| Caspian Security: Scan Uncommitted Files | Scan only git-modified files |
| Caspian Security: Check Dependency & Stack Updates | Check for outdated packages |
Additionally, there are 14 category-specific commands (e.g., "Check Authentication & Access Control", "Check Input Validation & XSS") to scan for a single category.
| Language | File Extensions |
|---|---|
| JavaScript |
.js, .jsx, .mjs, .cjs
|
| TypeScript |
.ts, .tsx, .mts, .cts
|
| Python | .py |
| Java | .java |
| C# | .cs |
| PHP | .php |
| Go | .go |
| Rust | .rs |
- Configuration -- customize settings, AI provider, and category toggles
- AI Fixes -- learn how smart context AI fixes work
- Rule Reference -- browse all 133 security rules
Caspian Security
Run Anywhere
Features
Reference