Skip to main content
VibeAudit

Privacy

Privacy is part of the product surface.

VibeAudit inspects source locally to derive redacted structural security evidence. It exports file paths, sizes, package metadata, line numbers, detector labels, and control summaries. It does not export raw source code, source snippets, prompts, raw lockfile contents, or secret values by default.

Free defaults

Free scans may show sponsored fix rails and disclose anonymized audit-pattern learning. Raw source code is not collected or trained on by default, and sensitive security findings stay gated.

Paid defaults

Paid workspaces are private by default, show no ads, and exclude paid security scans from training unless explicitly opted in. Security findings are treated as sensitive.

Local storage

The dashboard may store generated Launch Files and a signed paid-entitlement token in browser local storage when you choose those actions. The token lets same-origin server APIs verify paid access.

Roast submissions

Roast My Launch submissions store the submitted origin, builder tool, optional handle, optional email, consent attestations, timestamp, and review status. Contact fields are used only to coordinate the manual teardown and are deleted when no longer needed.