Security
developerz.ai is designed around the principle that a maintainer agent must be auditable, least-privilege, and honest — or it cannot be trusted in an OSS repo.
GitHub App permissions
The GitHub App requests only the scopes required for each action:
| Scope | Why |
|---|---|
issues: write |
Post triage comments, apply labels, close duplicates. |
pull_requests: write |
Post PR review comments, request changes. |
contents: read |
Read .maintainer.yml, dependency manifests, and file diffs. |
metadata: read |
Required by GitHub for all Apps. |
statuses: read |
Check CI status before merge decisions. |
Webhook events (issues, pull requests, pushes) are delivered through the App's event
subscriptions, gated by the permissions above — GitHub Apps have no separate webhooks
scope for receiving events.
The App does not request contents: write, administration, secrets, or any
organisation-level scopes. It cannot push code, merge PRs directly (unless auto_merge: true
and CI green), or access repositories outside those you explicitly grant.
Secrets and credentials
All credentials stored by developerz.ai are encrypted at rest:
- Model keys (BYOK) — AES-256-GCM, unique IV per row. Decrypted in memory only at the moment of an API call; never logged or included in audit events.
- Webhook tokens — same encryption scheme. Transmitted only outbound to the registered webhook URL via HTTPS.
- GitHub installation tokens — short-lived (1 hour max), obtained on demand from the GitHub API, never persisted between requests.
Secrets are stored in Postgres on the komodo-worker-1 instance. The database is not
publicly accessible; access requires a VPN tunnel or Komodo job runner.
The audit log
Every action taken by the agent is written to the append-only audit log before the action is executed. The log is the source of truth for what the agent did, when, and why.
Each entry records:
| Field | Description |
|---|---|
actor |
Always developerz[bot] (the agent never impersonates a human). |
repo |
owner/repo the event belongs to. |
kind |
Event type: triage, handoff, escalation, pr_review, release, digest. |
input |
The tool call or decision input (sanitised; no secrets). |
output |
The result (GitHub API response code, comment ID, etc.). |
visible_to_maintainer |
Whether the event appears in your dashboard feed. |
created_at |
UTC timestamp. |
Audit rows are append-only: no UPDATE or DELETE is issued against the audit_events table.
The dashboard exposes a read-only view; raw rows can be exported via the API (coming soon).
Bot disclosure
The maintainer agent always discloses its identity. Every comment includes a footer:
🤖 This comment was generated by the developerz.ai maintainer agent.
The bot never impersonates a human, never omits the footer, and never posts under any
GitHub account other than developerz[bot].
No bot-on-bot loops
The agent detects comments from other bots (CodeRabbit, Copilot, Dependabot, Renovate)
and defers to them rather than creating conflicting threads. A comment from developerz[bot]
never triggers another loop iteration.
Responsible disclosure
Found a security issue in developerz.ai itself? Email security@developerz.ai. We aim to acknowledge within 24 hours and resolve critical issues within 72 hours. Please do not open a public GitHub issue for security reports.
Data handling
- Issue and PR text is sent to the selected inference provider (Anthropic / OpenAI / Google Gemini) under your own API account. Your provider's data-handling terms apply.
- Repository code is not stored by developerz.ai; only file diffs relevant to the current event are forwarded to the model.
- Audit logs are retained for 90 days by default; contact support to extend retention.
- developerz.ai is hosted in the EU (Hetzner). For enterprise data-residency requirements, contact hello@developerz.ai.