Security & trust
Your code stays yours.
Handing your codebase to strangers requires trust. We earn it structurally — with permissions, incentives and access rules — not with promises.
Read-only, always
Our GitHub App can read code — never write, never touch settings, never act as you. There is no code path that modifies your repo.
Only the repos you pick
Access is granted per repo when you install the app. Everything else on your account is invisible to us and to reviewers.
Revocable in one click
Uninstall the GitHub App and all access ends instantly — ours and every reviewer's. You don't have to ask us.
Never used for training
Your code is fetched to run your analysis and your review. It is not used to train models, not resold, not mined.
Access ends with the review
If a review is cancelled or refunded, the reviewer loses code access immediately — they keep only their own notes and comments.
Money held until delivery
You pay upfront, but funds are released only when your review is delivered. No reviewer claims it? Automatic full refund.
Who gets to see your code
Not everyone can become a reviewer. By design.
Reviewers go through the same process you'd put a senior hire through — because that's effectively what they are. Most applicants don't make it in.
Résumé & portfolio check
Verified work history and real shipped products — not just a profile that says 'senior'.
Technical interview
A working session with us, the way you'd interview an engineer you're about to trust with production code.
Test review, graded
Every applicant reviews a real codebase. We grade the review itself: depth, accuracy, and whether the guidance actually helps.
Rated on every job
After acceptance, customers rate every delivered review 1–5 stars. Quality slips, and reviewer status is revoked.
Under the hood
How access actually works
- 1
You install our GitHub App
GitHub's own permission system enforces the boundary: the app is granted read-only content access to the specific repos you select — this isn't our policy, it's GitHub's infrastructure.
- 2
Reviewers never get your repo
Reviewers read your code through our platform, which fetches files using short-lived tokens scoped to your installation. They don't clone it, they don't get GitHub access, and they can't share a link to it.
- 3
Every read goes through one door
All code access flows through a single audited path with per-review permission checks — customer, assigned reviewer, nobody else. That's also where access is cut off the moment a review is refunded.
Trust is the product.
We review code for a living — our own access model has to hold up to the same scrutiny. Connect a repo and see for yourself.