SHADOW is a Microsoft Edge browser extension that supercharges NinjaOne administrators with powerful, secure tools for managing, comparing, and migrating scripts and monitoring policies. SHADOW integrates directly into the NinjaOne web interface and connects seamlessly with your private GitHub repository for version control and change auditing.

Disclaimer: This is a private, independent project and is in no way officially affiliated with, endorsed by, or sponsored by NinjaOne, Inc.

Use at your own risk.

• Compare uploads match backups. The Compare with GitHub overlay now uploads JSON exports that mirror Backup Now outputs, including scriptVariables and other metadata so GitHub repositories stay perfectly aligned.
• Safer JSON reconstruction. Script metadata is refreshed on demand and raw code is preserved during compare-mode exports, preventing missing variables or truncated content in uploaded files.
• Documentation refresh. Updated release notes to highlight the compare workflow parity and reliability fixes included in 1.1.3.

• OBVIOUS Template Library integration. Launch the new OBVIOUS Template Library (Operational Bundles of Valuable IT Operations Utility Scripts) overlay to browse curated manifest-driven packages, cherry-pick templates, and import their scripts plus related custom fields with checksum validation and backup awareness. Because finding the template library should be OBVIOUS for everyone.
• Improved manifest tooling. Progress overlays now surface per-package status, highlight skipped templates, and summarize successes, failures, and backup prerequisites for faster remediation inside NinjaOne.
• Reliability refinements. Background-assisted GitHub fetches, smarter language handling, and better error messaging keep large-scale template imports resilient even when MFA prompts or rate limits appear.

• Download Scripts / Download Scripts (JSON) – Export your entire NinjaOne script library as either PowerShell packages or raw JSON archives with SHA-validated payloads for compliance, cold storage, or tenant migrations.
• Import Scripts from JSON – Queue any number of SHADOW exports for re-import, automatically assign them to the SHADOW script category, and skip unsupported languages while respecting the backup guardrails.
• Compare with GitHub – Launch a full-screen diff overlay that progressively loads large libraries (50–1000 files), highlights status buckets, filters results, previews inline diffs, and queues uploads per detected language/extension. JSON uploads now mirror Backup Now outputs, preserving script variables/parameters so GitHub exports stay identical to local backups.
• Import from GitHub – Browse the connected repository directly inside NinjaOne, multi-select PS1/SH/BAT/JS/VBS/PY/CMD/JSON assets, choose a destination category (or preserve source categories), and import them in bulk with progress feedback and auto-refresh.

• Compare Templates – Analyse your environment against the official NinjaOne Template Library, review the remediation list, and optionally apply or skip updates with confirmation prompts.
• OBVIOUS Template Library – Retrieve curated packages from AdvanceYourIT/SHADOW-Templates, validate checksums, and import scripts plus related custom fields directly inside NinjaOne using the Operational Bundles of Valuable IT Operations Utility Scripts workflow.

• Device Custom Fields – Export / Import – Back up device-level metadata or restore field definitions from JSON exports, with per-file validation and backup enforcement.
• Organization Custom Fields – Export / Import – Move customer-specific metadata between tenants and ensure the definitions stay consistent across environments.
• Location Custom Fields – Export / Import – Keep branch/location data aligned by exporting and re-importing standardized definitions with a single click.

• Backup Now – Run a full backup from the System Dashboard that collects scripts and custom fields, applies automatic path sanitisation, honours the “force local backup” setting, and uses hardened, rate-limited GitHub writes.

• Bulk Policy Assignment – Apply a monitoring policy to a selected device role across every organisation at once via an overlay that supports progressive loading, select-all toggles, and real-time success/error reporting.

• Backup Security Overlay – Track when backups were completed, view the daily status, and require a same-day backup before any script or field import can proceed.

• Add Unmanaged Devices – Open an overlay with curated ITAM parent/child templates grouped by technology stack, preview icon matches from your existing tenant, and queue role creation with automatic batching, countdown pauses, and resume prompts that avoid MFA lockouts.
• Import Unmanaged Devices – Load JSON template files generated by SHADOW to reproduce complex ITAM role structures in new tenants while reusing stored custom fields and hierarchy metadata.
• Export Unmanaged Devices – Capture your current unmanaged-role definitions as JSON for audit trails, change reviews, or peer sharing.
• Automations include smart batching, MFA-friendly pauses, resume prompts, and clear success/error toasts to keep long deployments reliable.

• Works with every NinjaOne domain worldwide (Europe, Canada, Australia, multi-tenant, and more).
• Buttons, overlays, and settings are injected directly in the NinjaOne UI with streamlined refresh handling for a smooth operator experience.
• All automation respects strict security practices with validated inputs, encrypted credential storage, secure GitHub rate limiting, and migration helpers that remove any legacy plaintext tokens.

• Download SHADOW from the Microsoft Edge Add-ons Store
• Open NinjaOne in Microsoft Edge and ensure the SHADOW icon appears in your browser bar.

1. Log in to GitHub.
2. Click the + icon (top right) and choose New repository.
3. Enter a repository name (e.g., ninjaone-scripts).
4. Set Visibility to Private.
5. (Optional) Add a README file.
6. Click Create repository.

1. Go to GitHub Settings → Developer settings → Personal access tokens.
2. Select Tokens (classic) or Fine-grained tokens.
3. Click Generate new token.
4. Name your token (e.g., SHADOW Extension).
5. Set an Expiration as needed.
6. Scopes:
   • For classic tokens: Enable at least repo (full control of private repositories).
   • For fine-grained tokens: Select your repository and enable Contents: Read and Write.
7. Click Generate token and copy it securely (you won't see it again).

1. Click the SHADOW extension icon in Edge.
2. Fill in:
   • GitHub token
   • Repository (e.g., username/ninjaone-scripts)
   • Branch (e.g., main)
   • (Optional) Path (subfolder in your repo)
   • Max files to process (defaults to 300; allowed range 50–1000)
   • Auto-refresh comparison after upload (enable to reload the diff overlay automatically)
   • Force local backup (skip GitHub upload and always download ZIPs locally)
   • Enable debug logging (optional troubleshooting switch that redacts secrets)
3. Click Test Connection and review the success banner, then choose Save Settings to persist your preferences.
4. If anything looks off, SHADOW now highlights the exact field that needs attention before encrypting and storing your GitHub details.

• Backup: Export all scripts from NinjaOne to a local ZIP archive or your GitHub repository via the Backup Now button, benefitting from automatic path sanitization and secure GitHub API writes.
• Bulk Update: Import multiple scripts by selecting one or more unpacked JSON files for upload to NinjaOne.
• Audit/Compare: Compare scripts in NinjaOne with versions in your GitHub repository to identify differences and maintain consistency.
• Custom Field Migration: Export device, organization, or location custom fields from one tenant and import them into another.
• Policy Rollout: Apply a monitoring policy to a device role across every organization with Bulk Policy Assignment.
• ITAM Template Deployment: Use the unmanaged-device overlays to add curated templates, or import/export JSON packs to keep roles aligned across tenants.

• GitHub tokens are stored encrypted using AES-GCM and never in plaintext.
• Strict permissions and hardened content security policy by default.
• All user inputs—including repository names, folder selections, and file paths—are sanitized before any GitHub call is attempted.
• Every GitHub read/write flows through the secure wrapper with token validation, rate-limited requests, and hardened error handling to prevent misuse or credential leakage.
• Bulk backup uploads validate each generated destination path and abort safely if sanitization fails, keeping your repository free of unexpected files.

• NinjaOne administrators with multiple tenants or environments.
• IT teams and MSPs using version control for scripts.
• Anyone who wants a fast, reliable, and auditable workflow for automation content in NinjaOne.

For questions, feedback, or feature requests, please open an issue in this repository or contact the maintainer.

Disclaimer: This is a private, independent project and is in no way officially affiliated with, endorsed by, or sponsored by NinjaOne, Inc.

Use at your own risk.