v5.0.2 shipped — 121 tests green · JSON-clean output · full v5 module list

Inject production infrastructure into any project in minutes.

Auth, payments, monitoring, tests, security — AI-adapted to your existing code. Free to scan. Paid to inject. Cryptographically licensed.

Get started — $29/mo View on GitHub
~/projects/my-saas
pip install shadow-stack shadow-stack scan . Project ~/projects/my-saas Language: python Framework: fastapi Health score: 62/100 Missing (6): payments — Stripe checkout, subscriptions, webhooks email — Transactional email (Resend) ratelimit — Per-IP + per-user rate limiting monitoring — Sentry + /health endpoint webhooks — HMAC verification, retry deployment — GitHub Actions CI/CD Security issues: [CRITICAL] No password hashing detected [MEDIUM] Wildcard CORS (*) allows any origin Fix: shadow-stack inject .

What's in v5

A real release with real fixes. Tested with 112 passing tests. Cryptographically enforced.

v5 NEW

Framework-aware scanner

No more false-positive Python warnings on Next.js projects. Scanner now knows the difference between FastAPI, Django, Flask, Express, NestJS, and Next.js.

v5 NEW

5 Node modules

JWT auth (with bcrypt), helmet+CORS+rate-limit, Sentry monitoring with /health, Vitest with coverage, multi-stage non-root Dockerfile.

v5 NEW

Cryptographic licensing

Ed25519-signed license keys. Tampered or forged keys are physically rejected. No more "set any env var to bypass" tricks.

v5 NEW

AI provider fallback

If Anthropic rate-limits halfway through a 12-module inject, it auto-retries through OpenAI → Gemini → Groq → DeepSeek → Ollama. v4 used to fail the whole run.

v5 NEW

Git-branch rollback

Every inject creates its own branch. Review the diff, then merge with PR workflow or roll back by deleting the branch. No more "I ran inject and can't undo it."

v5 NEW

Recipes

One command for whole stacks. shadow-stack recipe apply saas . = auth + billing + email + monitoring in correct order.

16 production modules

Auth, payments, AI, database, email, queue, storage, ratelimit, monitoring, webhooks, security, logging, tests, docker, deployment, frontend.

6 AI providers

Anthropic Claude (default), OpenAI, Gemini, Groq, DeepSeek, Ollama (local). Pin one with an env var, or let it auto-pick the cheapest available.

Diff + cost preview

shadow-stack diff shows files before they're written. shadow-stack cost estimates AI tokens before they're spent. No surprises.

Pricing

Scans, audits, diffs, and cost estimates are always free. Pay only when you inject.

Free
$0
Unlimited scanning, auditing, and previewing
  • Unlimited scan
  • Unlimited audit
  • Unlimited diff
  • Unlimited cost estimates
  • All 16 module previews
Install free
Solo
$29/mo
Everything in Free, plus inject + recipes
  • Everything in Free
  • Unlimited inject
  • All 5 recipes (saas, mvp, api-only, ai-app, marketplace)
  • Module upgrade system
  • fix-wiring auto-router registration
  • Email support
Get Solo — $29/mo
Lifetime
$149
Solo, forever. One-time payment. Launch special.
  • Everything in Solo
  • One-time payment, no subscription
  • All future v5.x updates included
  • Limited to first 100 customers
Buy Lifetime — $149
Team
$99/mo
5 seats, Slack notifications, team sync
  • Everything in Solo
  • 5 seats included ($20/seat after)
  • Slack notifications on injects
  • Shared .shadowstack.yml sync
  • Priority email support
Get Team — $99/mo

Enterprise (self-hosted, Ollama-only, SLA)? Email shadowhunter89@proton.me

How shadow-stack compares

Honest comparison vs the alternatives.

Feature Cookiecutter ShipFast Cursor / Copilot shadow-stack v5
Works on existing projects
AI-adapts to your conventions
Framework-aware scanner
Recipe stacks (saas, mvp, etc.)
Cost estimator + diff preview
Git-branch rollback
Air-gapped / local (Ollama)
Python + Node both supported~
Cryptographically licensedN/AN/A

Ship faster. Stop copy-pasting boilerplate.

Free to install. Free to scan. Pay $29/month only when you actually inject modules.

Get Solo — $29/mo View on GitHub →