← Go back

Privacy Protocol

1. Data Minimization

We do not store source code post-analysis. All cloned repositories are purged from memory and ephemeral storage immediately after the AST traversal is complete.

2. Audit Logging

We log metadata about scans (repository URL, scan time, number of findings) to improve our detection heuristics. No sensitive environment variables or proprietary logic is ever recorded.

3. Information Security

Access to audit reports is restricted to authenticated auditors. Certificates of Integrity are public by design to facilitate trust in the ecosystem.