Security

Your data. Your control.

We take security seriously — not just because we have to, but because we're developers too.

ZERO TOKENS STOREDREAD-ONLY ACCESSNO TRACKINGDELETE ANYTIMERESPONSIBLE DISCLOSURESERVER-SIDE SCORINGZERO TOKENS STOREDREAD-ONLY ACCESSNO TRACKINGDELETE ANYTIMERESPONSIBLE DISCLOSURESERVER-SIDE SCORING
Tokens Stored0
OAuth ScopeRead-Only
Disclosure Response48h
Data SellingNever
What We Do
OAuth Tokens Are Ephemeral

We never store your GitHub OAuth token. Authentication happens via Better Auth, tokens are session-scoped, and we never persist them.

Read-Only Access

We request read-only GitHub OAuth scope. We cannot push code, modify repos, or access private data beyond what you authorize.

Server-Side Scoring Only

All AI analysis runs on our servers. Your GitHub data is never sent to third-party AI providers in raw form — we extract metrics, not content.

Delete Anytime

Delete your GitRating account and all associated data from the dashboard. No hidden copies, no retention.

No Ads, No Tracking

We don't run ads, embed tracking pixels, or sell data. Analytics are minimal and aggregate only.

Responsible Disclosure

Found a vulnerability? Email security@mozen.in. We respond within 48 hours and work with you before public disclosure.

Data Transparency
We Access
Public GitHub profile
Display name, avatar, bio
Public repositories
Names, descriptions, languages, stars, forks
Commit metadata
Recency, frequency, patterns — never diffs
Repository languages
Per-repo language breakdown for stack analysis
We Never Access
Private repositories
Source code or file contents
Email addresses
GitHub OAuth tokens
Pull request or issue content
Get your Engineering Score