100% private. Your source code never leaves your browser. Browser scans use a lightweight heuristic engine (no npm audit, no AST). For full analysis, run the server dashboard, open analyzer (auto-detected port), or upload a CLI report JSON.
Choose your preferred local static-analysis runtime.
Enter your license token and press Enter to authenticate.
Enter your email and we'll send you a 14-day sandbox token.
Choose how you want to sign in.
npx simplebeacon scan --gate --offline
Drop a report.json generated by the CLI, or load one from a previous scan.
Drop your report.json here
Only summary metadata metrics are compiled for signing.
Paste a report.json generated by the CLI above, or load one from a previous scan.
Press Ctrl+Enter to submit. Only summary metadata is used for certificate generation.
Run these commands from your repository root (CascadeProjects/).
npm install -g file:packages/simplebeacon-cli
node packages/simplebeacon-cli/bin/simplebeacon.js scan --help
Verify CLI is ready
node packages/simplebeacon-cli/bin/simplebeacon.js scan . --format json --output=report.json
Standard gate scan
node packages/simplebeacon-cli/bin/simplebeacon.js scan . --gate --offline
Gate-only (no network)
node packages/simplebeacon-cli/bin/simplebeacon.js scan . --complete --gate --format json --output=report.json
Full coverage + gate
node packages/simplebeacon-cli/bin/simplebeacon.js scan . --complete --gate --format json --output=eu-ai-act-report.json
EU AI Act assessment
Test this server (PowerShell)
curl http://localhost:PORT/api/simplebeacon
Check API health (replace PORT with your server port)
curl -X POST http://localhost:PORT/api/certificate/download -H "Content-Type: application/json" -H "Authorization: Bearer YOUR_TOKEN" -d '{"reportJson":{"type":"simplebeacon-report"}}'
Test certificate endpoint (replace PORT with your server port)
Click modules above to toggle which scans are included in your ZIP report.
No Node.js required. Grab your entire repo folder and drop it here.
Drag & Drop Project Directory
Heuristic parsing executes locally inside your browser's isolated tab memory. No source code or metrics ever leave your machine.
Or click to select a directory
{
"type": "simplebeacon-report",
"version": "1.3.0",
"generatedAt": "ISO-8601 timestamp",
"projectRoot": "string β redacted project label",
"gate": { "pass": boolean, "blockingCount": number },
"qualityScore": 0-100,
"totalFiles": number,
"issueCount": number,
"detectedIssues": [
{ "severity": "low|medium|high|critical",
"type": "string β rule category",
"count": number,
"filePath": "redacted relative path",
"rule": "string β pattern ID",
"impact": "string β business risk statement",
"fix": "string β remediation recipe" }
],
"summary": { "gatePass": boolean, "qualityScore": number }
}
No source code, AST, or file contents are transmitted. Only the summary JSON above leaves your perimeter.
Upload a JSON report from the CLI, paste one directly, or scan a folder in the Browser Sandbox.
Add notes for the AI agent (optional):
VS Code: Extension
Customize the information shown on your Executive Risk Certificate before downloading.
Access your SimpleBeacon dashboard.
New here? Switch to Create Account to register.