Skip to content

Getting Started

Caspian-Explorer edited this page Feb 7, 2026 · 1 revision

Getting Started

Installation

From VS Code Marketplace

  1. Open the Extensions view (Ctrl+Shift+X)
  2. Search for "Caspian Security"
  3. Click Install

From VSIX File

  1. Download the .vsix file from the Releases page
  2. Open VS Code
  3. Press Ctrl+Shift+P (or Cmd+Shift+P on Mac)
  4. Search for "Extensions: Install from VSIX"
  5. Select the downloaded file

Your First Scan

Once installed, Caspian Security activates automatically when you open a supported file. There are two ways to start:

Auto Check (Default)

Simply open or edit any supported file. Security analysis runs automatically as you type with a 1-second debounce. Issues appear as diagnostic squiggles in the editor.

Manual Scan

  1. Open the Command Palette (Ctrl+Shift+P)
  2. Run "Caspian Security: Check Current File"
  3. Issues appear in the editor and in the Problems panel (Ctrl+Shift+M)

Workspace Scan

To scan your entire project:

  1. Open the Command Palette (Ctrl+Shift+P)
  2. Run "Caspian Security: Check Entire Workspace"
  3. All supported files are scanned (excluding node_modules)
  4. A progress indicator shows scan status — click to cancel at any time

Scan Modes

Mode Trigger Description
Auto Check As you type Real-time analysis with 1-second debounce (enabled by default)
Check on Save File save Full check on every save (enabled by default)
Manual Scan Command Palette Scan current file or a specific category on demand
Workspace Scan Command Palette Scan all supported files in the project with progress
Uncommitted Scan Command Palette / SCM menu Scan only git-modified files
Dependency Check Command Palette / Workspace scan Check for outdated packages and known vulnerabilities

The Results Panel

After running a scan, open the interactive results panel:

  1. Command Palette > "Caspian Security: Show Results Panel"
  2. Or click on any diagnostic squiggle and use the Quick Fix menu

The results panel shows:

  • Summary -- total issues grouped by severity (Error / Warning / Info)
  • Issue table -- each issue with file, line, rule code, description, and confidence badge
  • Actions per issue:
    • AI Fix -- generate a context-aware AI fix
    • Verify -- re-scan to confirm resolution
    • Ignore -- suppress the issue and write to .caspianignore
    • Go to Line -- jump to the issue in the editor
  • Export buttons -- JSON, CSV, and SARIF export in the panel header

Commands Reference

Open the Command Palette (Ctrl+Shift+P) and search for any of these:

Command Description
Caspian Security: Check Current File Scan the active file
Caspian Security: Check Entire Workspace Scan all supported files
Caspian Security: Run Full Security Scan Scan all categories
Caspian Security: Fix Issue with AI Generate an AI-powered fix
Caspian Security: Configure AI Fix Provider Set up API key for Claude, GPT-4, or Gemini
Caspian Security: Verify Issue Resolution Re-scan to confirm an issue is resolved
Caspian Security: Ignore Issue Mark as ignored, write to .caspianignore
Caspian Security: Show Results Panel Open the interactive results panel
Caspian Security: Export Results to JSON Export as JSON
Caspian Security: Export Results to CSV Export as CSV
Caspian Security: Export Results to SARIF Export SARIF v2.1.0
Caspian Security: Scan Uncommitted Files Scan only git-modified files
Caspian Security: Check Dependency & Stack Updates Check for outdated packages

Additionally, there are 14 category-specific commands (e.g., "Check Authentication & Access Control", "Check Input Validation & XSS") to scan for a single category.


Supported Languages

Language File Extensions
JavaScript .js, .jsx, .mjs, .cjs
TypeScript .ts, .tsx, .mts, .cts
Python .py
Java .java
C# .cs
PHP .php
Go .go
Rust .rs

Next Steps

Clone this wiki locally