Security & trust

Your code stays yours.

Handing your codebase to strangers requires trust. We earn it structurally — with permissions, incentives and access rules — not with promises.

Read-only, always

Our GitHub App can read code — never write, never touch settings, never act as you. There is no code path that modifies your repo.

Only the repos you pick

Access is granted per repo when you install the app. Everything else on your account is invisible to us and to reviewers.

Revocable in one click

Uninstall the GitHub App and all access ends instantly — ours and every reviewer's. You don't have to ask us.

Never used for training

Your code is fetched to run your analysis and your review. It is not used to train models, not resold, not mined.

Access ends with the review

If a review is cancelled or refunded, the reviewer loses code access immediately — they keep only their own notes and comments.

Money held until delivery

You pay upfront, but funds are released only when your review is delivered. No reviewer claims it? Automatic full refund.

Who gets to see your code

Not everyone can become a reviewer. By design.

Reviewers go through the same process you'd put a senior hire through — because that's effectively what they are. Most applicants don't make it in.

01

Résumé & portfolio check

Verified work history and real shipped products — not just a profile that says 'senior'.

02

Technical interview

A working session with us, the way you'd interview an engineer you're about to trust with production code.

03

Test review, graded

Every applicant reviews a real codebase. We grade the review itself: depth, accuracy, and whether the guidance actually helps.

04

Rated on every job

After acceptance, customers rate every delivered review 1–5 stars. Quality slips, and reviewer status is revoked.

Under the hood

How access actually works

  1. 1

    You install our GitHub App

    GitHub's own permission system enforces the boundary: the app is granted read-only content access to the specific repos you select — this isn't our policy, it's GitHub's infrastructure.

  2. 2

    Reviewers never get your repo

    Reviewers read your code through our platform, which fetches files using short-lived tokens scoped to your installation. They don't clone it, they don't get GitHub access, and they can't share a link to it.

  3. 3

    Every read goes through one door

    All code access flows through a single audited path with per-review permission checks — customer, assigned reviewer, nobody else. That's also where access is cut off the moment a review is refunded.

Trust is the product.

We review code for a living — our own access model has to hold up to the same scrutiny. Connect a repo and see for yourself.