Trust & Security

We built LaunchShield for developers who care about security. That means we hold ourselves to the same standard. Here's exactly what we access, how we handle it, and how you stay in control.

GitHub Access

  • Read-only — We request repo scope for read access. We never push code, create branches, or modify your repository.
  • GitHub Check Runs — If you enable PR scanning, we post a check status and an optional PR comment. That's the only write operation.
  • Revocable — You can disconnect GitHub access from your LaunchShield settings at any time, or revoke the OAuth app from your GitHub settings.

Data Handling

  • Ephemeral processing — Your source code is cloned into a temporary workspace, analyzed, and immediately destroyed. We never store source files on disk or in a database.
  • What we store — Analysis findings (title, severity, file reference, remediation), verdict data, and stack detection results. No raw source code.
  • Encryption — All data is encrypted in transit (TLS 1.3). GitHub tokens are encrypted at rest. Tokens never appear in logs.

Data Retention

  • Source code — 0 seconds retention. Destroyed immediately after analysis.
  • Analysis data — Retained while your account is active. Deleted on account deletion with full cascade (user → projects → runs → findings).
  • Account deletion — Delete your account from settings. All associated data is permanently removed.

AI & Semantic Analysis

  • Claude API — Our semantic analyzer sends code snippets to Anthropic's Claude API for deep security review. Anthropic does not use API inputs for training.
  • Minimal context — We send only security-relevant files (auth, config, API routes), not your entire codebase.

Infrastructure

  • Hosted on AWS — EU region. All services run in private subnets with no public access except load balancers.
  • Security headers — CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy on all responses.
  • Rate limiting — Redis-based per-user rate limiting on all endpoints to prevent abuse.

Questions?

If you have security concerns or questions about how we handle your data, reach out.

security@launchshield.dev