Saltar al contenido

Docs / Seguridad

Security

Least-privilege GitHub scopes, encrypted secrets, and the append-only audit log.

Security

developerz.ai is designed around the principle that a maintainer agent must be auditable, least-privilege, and honest — or it cannot be trusted in an OSS repo.

GitHub App permissions

The GitHub App requests only the scopes required for each action:

Scope Why
issues: write Post triage comments, apply labels, close duplicates.
pull_requests: write Post PR review comments, request changes.
contents: read Read .maintainer.yml, dependency manifests, and file diffs.
metadata: read Required by GitHub for all Apps.
statuses: read Check CI status before merge decisions.

Webhook events (issues, pull requests, pushes) are delivered through the App's event subscriptions, gated by the permissions above — GitHub Apps have no separate webhooks scope for receiving events.

The App does not request contents: write, administration, secrets, or any organisation-level scopes. It cannot push code, merge PRs directly (unless auto_merge: true and CI green), or access repositories outside those you explicitly grant.

Secrets and credentials

All credentials stored by developerz.ai are encrypted at rest:

  • Model keys (BYOK) — AES-256-GCM, unique IV per row. Decrypted in memory only at the moment of an API call; never logged or included in audit events.
  • Webhook tokens — same encryption scheme. Transmitted only outbound to the registered webhook URL via HTTPS.
  • GitHub installation tokens — short-lived (1 hour max), obtained on demand from the GitHub API, never persisted between requests.

Secrets are stored in Postgres on the komodo-worker-1 instance. The database is not publicly accessible; access requires a VPN tunnel or Komodo job runner.

The audit log

Every action taken by the agent is written to the append-only audit log before the action is executed. The log is the source of truth for what the agent did, when, and why.

Each entry records:

Field Description
actor Always developerz[bot] (the agent never impersonates a human).
repo owner/repo the event belongs to.
kind Event type: triage, handoff, escalation, pr_review, release, digest.
input The tool call or decision input (sanitised; no secrets).
output The result (GitHub API response code, comment ID, etc.).
visible_to_maintainer Whether the event appears in your dashboard feed.
created_at UTC timestamp.

Audit rows are append-only: no UPDATE or DELETE is issued against the audit_events table. The dashboard exposes a read-only view; raw rows can be exported via the API (coming soon).

Bot disclosure

The maintainer agent always discloses its identity. Every comment includes a footer:

🤖 This comment was generated by the developerz.ai maintainer agent.

The bot never impersonates a human, never omits the footer, and never posts under any GitHub account other than developerz[bot].

No bot-on-bot loops

The agent detects comments from other bots (CodeRabbit, Copilot, Dependabot, Renovate) and defers to them rather than creating conflicting threads. A comment from developerz[bot] never triggers another loop iteration.

Responsible disclosure

Found a security issue in developerz.ai itself? Email security@developerz.ai. We aim to acknowledge within 24 hours and resolve critical issues within 72 hours. Please do not open a public GitHub issue for security reports.

Data handling

  • Issue and PR text is sent to the selected inference provider (Anthropic / OpenAI / Google Gemini) under your own API account. Your provider's data-handling terms apply.
  • Repository code is not stored by developerz.ai; only file diffs relevant to the current event are forwarded to the model.
  • Audit logs are retained for 90 days by default; contact support to extend retention.
  • developerz.ai is hosted in the EU (Hetzner). For enterprise data-residency requirements, contact hello@developerz.ai.