Privacy
Privacy is part of the product surface.
VibeAudit inspects source locally to derive redacted structural security evidence. It exports file paths, sizes, package metadata, line numbers, detector labels, and control summaries. It does not export raw source code, source snippets, prompts, raw lockfile contents, or secret values by default.
Free defaults
Free scans may show sponsored fix rails and disclose anonymized audit-pattern learning. Raw source code is not collected or trained on by default, and sensitive security findings stay gated.
Paid defaults
Paid workspaces are private by default, show no ads, and exclude paid security scans from training unless explicitly opted in. Security findings are treated as sensitive.
Local storage
The dashboard may store generated Launch Files and a signed paid-entitlement token in browser local storage when you choose those actions. The token lets same-origin server APIs verify paid access.
Roast submissions
Roast My Launch submissions store the submitted origin, builder tool, optional handle, optional email, consent attestations, timestamp, and review status. Contact fields are used only to coordinate the manual teardown and are deleted when no longer needed.
