Home Features Pricing Documentation Services Contact DOWNLOAD
← Back to docs

Glossary

Quick definitions for every term that has a specific meaning in SiteCMD.

Every term SiteCMD uses with a specific meaning, in one place. If a word in the product or docs is doing more work than you think it is, it’s probably here.

Scan terms

Scan — A single run of SiteCMD’s check engine against a project. Produces a set of findings, a score, and updates the project’s history.

Run Scan — The user action that starts a scan. The top-bar button.

Live-site checks — The engine that fetches your URL and runs checks against the response. See Live-site checks.

Source audit / Code Scan — The engine that walks your linked source folder and analyzes files locally. See Source audit.

Polish signals — A subset of live-site checks that look for the patterns of vibe-coded sites. Inline-style density, AI-aesthetic gradients, em-dash overuse, default page titles, and similar.

Probe checks — Live-site checks that make their own follow-up HTTP requests (fetching /robots.txt, alternate URLs for security headers, etc.). Slower than HTML parse checks but run concurrently.

HTML parse checks — Live-site checks that operate on the page SiteCMD already fetched. Essentially free per scan.

Scheduled scan — A scan configured to run automatically on a schedule (hourly, daily, weekly). Runs in the background, even when the app window is closed.

Pre-deploy scan — A scan mode that skips checks requiring a live URL. Used by the CLI when scanning a build artifact before deployment.

Issue terms

Finding — A single thing SiteCMD detected. Also called an issue.

Severity — How bad a finding is if it’s real. Critical, High, Medium, or Low. See Understanding findings.

Confidence — How sure SiteCMD is that a finding is real. Confirmed, High, or Needs review.

Status — Where a finding sits in your workflow. New, Snoozed, Ignored, Blocked, or Verified.

Active findings — Findings in the New status. These count toward your score.

Dismissed — Catchall term for findings in any non-New status. The Dismissed view collects them.

Quick win — A finding whose fix guide marks the work as quick effort. Surfaced as a filter on the Issues page.

Score terms

SiteCMD Score — The headline number out of 100 that summarizes your project’s health. See The SiteCMD Score.

Impact — The per-issue penalty that goes into the score. The Issues list sorts by impact, not by severity alone.

Penalty curve — The math that turns “total penalty” into “score.” Linear up to 50 points, then saturated. Keeps the score from collapsing to zero on a site with many issues.

Score cap — A ceiling on your score based on confirmed criticals or highs. Critical cap is 49; high cap is 79. Only confirmed and high-confidence findings trigger caps.

Engine and architecture terms

Project — A single website tracked in SiteCMD. Has a name, one or more URL environments, and optionally a linked source folder.

Environment — One URL associated with a project, tagged with a role: production, staging, development, or local. Each project has one or more environments.

Linked source folder — A directory on your machine that SiteCMD is allowed to read for the source audit. Linked per-project.

Risk category — How SiteCMD groups findings for the score breakdown. Security, Performance, SEO, Accessibility, Database, Dependencies, Reliability, Compliance, Polish, AI safety, Architecture.

Detected framework — The framework SiteCMD identified for your project based on package.json, lockfiles, hosting config, and other markers. Used to pick framework-specific fix steps.

Integration terms

Integration — A connected third-party service that SiteCMD reads data from or writes findings to.

Cross-source correlation — When a scan finding and an integration event happen in the same window and SiteCMD ties them together. Gated to Core and above.

Ticket mirroring — Pushing a SiteCMD finding into GitHub Issues or Jira as a ticket. Gated to Core and above.

Webhooks — Outbound HTTP calls triggered by SiteCMD events. Gated to Pro.

CLI and developer terms

CLI — The sitecmd command-line binary. Same check engine as the desktop app, no UI, no auth. See CLI reference.

Quality gate — A CI step that fails the build if a scan’s score drops below a threshold. See Quality gates in CI.

MCP — Model Context Protocol, the standard SiteCMD’s AI integration speaks. See AI editor overview.

MCP serversitecmd-mcp, the binary that exposes scan data to MCP-capable AI editors. Bundled with the desktop app.

.sitecmd/ directory — Project-level configuration directory created by sitecmd init. Contains config.json (committed) and result files (typically ignored).

License and account terms

Tier — Free, Core, or Pro. See Tiers & pricing.

License key — The string you paste into SiteCMD to activate a paid tier.

Activation — Registering this machine with your license. Each license has a per-machine activation limit.

Offline grace period — The window during which premium features keep working when SiteCMD can’t reach the license server. Multiple days.

Storage terms

Storage directory — The per-user directory where SiteCMD keeps its local data. See Privacy & data for exact paths.

Audit logaudit.log in the storage directory. JSONL record of sensitive operations. Local-only.

OS keychain / credential store — Where SiteCMD keeps API keys and OAuth tokens. Keychain on macOS, Credential Manager on Windows, GNOME Keyring / KWallet on Linux. Never in the SiteCMD database.