Security posture

Security and data handling

A plain-language summary of what data TriRev accesses, what it stores, and what happens when something goes wrong.

Diff-only analysis

TriRev reviews only the unified diff of each pull request - the lines that changed. It does not fetch your full repository, branch history, unrelated files, or any content outside the diff hunk.

This is enforced by the GitHub App permission model. TriRev requests pull_requests: read and contents: read at the minimum scope required to retrieve a diff and post a review comment. It cannot read files that are not part of the PR.

Zero code retention

Code from your diff is not stored. After the review job completes, the diff content exists only in the transient memory of the review worker for the duration of that job. It is not written to a database, cache, log file, or object store.

What is retained: review metadata - repository name, PR number, delivery ID, timestamp, and job status. This metadata is used for billing metering and incident debugging. It does not include code content, file paths from the diff, or comment text.

TriRev does not use your code to fine-tune or train any model. The underlying language model (Claude by Anthropic) is invoked via API with your diff as context for that single request only.

GitHub permission scopes requested

TriRev requests the following GitHub App permissions. No others.

Permission      Access level     Purpose
pull_requests   Read and write   Read PR metadata and diff; post the unified review comment
contents        Read             Fetch diff content for the changed files in the PR
metadata        Read             Required by GitHub for all Apps; provides repository name and visibility

Write access on pull_requests is used exclusively to post review comments on the PR. TriRev cannot push code, modify branches, merge PRs, or access issues, wikis, or any other repository resource.

Incident response

If a security issue is confirmed, the response timeline is:

P0 - Critical (active exploit or confirmed data exposure): contained within 1 hour, with immediate notification to affected users and disclosure as required.

P1 - High (confirmed vulnerability with an exploit path): addressed within 4 hours.

P2 - Medium (suspected abuse or partial exposure risk): investigated within 24 hours.

Token rotation (webhook secret, App private key) can be completed in under 10 minutes. The GitHub App can be suspended immediately from the App settings page to stop all webhook delivery while an investigation is in progress.
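As an added illustration of how a webhook secret can be rotated without dropping in-flight deliveries (example code written for this page, not TriRev's own implementation), the receiver below verifies GitHub's X-Hub-Signature-256 header against both the new and the outgoing secret during a short grace window, and returns only the delivery ID for logging, never the payload. The secrets, payload and header values are constructed for the example.

```python
import hashlib
import hmac
from typing import Dict, List, Optional

# GitHub signs the raw request body with HMAC-SHA256 using the App's webhook
# secret and sends the result as "sha256=<hex>" in X-Hub-Signature-256.
SIG_HEADER = "X-Hub-Signature-256"
DELIVERY_HEADER = "X-GitHub-Delivery"


def compute_signature(secret: str, body: bytes) -> str:
    """Produce the header value GitHub would send for this body and secret."""
    digest = hmac.new(secret.encode("utf-8"), body, hashlib.sha256).hexdigest()
    return "sha256=" + digest


def accepted_secrets(current: str, previous: Optional[str],
                     seconds_since_rotation: float, grace_seconds: float) -> List[str]:
    """During the grace window both secrets verify; afterwards only the new one."""
    if previous is not None and seconds_since_rotation < grace_seconds:
        return [current, previous]
    return [current]


def verify_delivery(headers: Dict[str, str], body: bytes,
                    secrets: List[str]) -> Optional[str]:
    """Return the delivery ID if the signature matches an accepted secret, else None.

    Only the delivery ID is returned so the caller can log metadata without
    ever persisting the diff carried in the body.
    """
    sig = headers.get(SIG_HEADER, "")
    delivery_id = headers.get(DELIVERY_HEADER)
    if not sig.startswith("sha256=") or not delivery_id:
        return None
    for secret in secrets:
        # constant-time comparison avoids leaking where the digests diverge
        if hmac.compare_digest(compute_signature(secret, body), sig):
            return delivery_id
    return None


if __name__ == "__main__":
    # Constructed sample delivery, signed with the secret being retired.
    body = b'{"action":"opened","number":42}'
    headers = {SIG_HEADER: compute_signature("old-secret", body),
               DELIVERY_HEADER: "example-delivery-1"}
    during = accepted_secrets("new-secret", "old-secret", 120, 600)
    after = accepted_secrets("new-secret", "old-secret", 900, 600)
    print(verify_delivery(headers, body, during))  # accepted in the grace window
    print(verify_delivery(headers, body, after))   # rejected once rotation completes
```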

To report a security concern, contact us at support@trirev.dev. Please include as much detail as possible so we can reproduce and address the issue promptly.

We do not currently offer a bug bounty program. Responsible disclosure is appreciated and we will acknowledge your report.