FAQ
Common questions
Answers sourced from how the system actually works, not from marketing copy.
What does a scan actually do?
When you authorize a scan, StackProof fetches the selected repository from GitHub, runs a file selection pass to identify relevant source files, then sends those files to two AI agents running in parallel. On Pro those agents are two distinct Gemini models (Gemini 3.1 Pro and Gemini 3 Flash); on Lifetime BYOK they run on the models behind your own keys. Each agent produces a set of findings (security issues, architecture observations, code quality signals) with citations to specific files and line ranges. A reconciler service cross-validates both agents' outputs and resolves disagreements. The final report includes a 0-100 score, per-finding evidence, and an optional prose summary. The cloned repo files are deleted after analysis completes.
Can I scan private repositories?
Yes. StackProof uses GitHub OAuth with the "repo" scope, which grants read-only access to your private repositories. The access token is stored AES-256-GCM encrypted in the database and is only decrypted at scan time. StackProof does not retain a copy of your source code after the scan finishes. If you prefer not to grant broad repo access, you can use a GitHub Personal Access Token with read-only scope restricted to specific repos only.
How does citation verification work?
Every finding an AI agent produces must reference a specific file path and line range from the repository snapshot. The Bailiff service checks that the cited file actually exists in the snapshot. It uses a fuzzy +/-5-line tolerance to accommodate slight drift in the models' line number estimates. Findings that cannot be verified against the snapshot are either rejected or downgraded. The scan report includes a verification rate (citations verified vs. total AI checks run) so you can see the quality of evidence for any given scan.
What happens if one AI agent fails mid-scan?
The scan does not silently fall back to a cheaper model. If one agent is unreachable or times out, the scan completes using the other agent's output without the consensus step, and the report is flagged as degraded in its metadata and in the report view. If both agents fail, the scan fails entirely and your quota is not decremented. The failure reason is returned to the client.
What are deep scans, re-scans, and why do they have separate quotas?
A deep scan is a full analysis: file selection, dual-agent AI pass, citation verification, reconciliation, and scoring. A re-scan is a lightweight re-verification pass over files already flagged in a prior scan. Re-scans are scoped to the file paths from the parent scan, so they use roughly 20% of the token budget. Pro includes 8 deep scans and 16 re-scans per month, tracked with separate counters. Scout gets 1 free starter scan with no re-scan capability.
What does the Lifetime BYOK plan actually require?
BYOK (Bring Your Own Keys) means you supply API keys for at least two AI providers from the set: Anthropic, Google, and OpenAI. You cannot configure two keys from the same provider. Your keys are encrypted with AES-256-GCM and stored in the database; they are only decrypted at scan runtime. The platform never logs key values. You pay your AI providers directly per scan; StackProof charges nothing per scan beyond the one-time purchase. The LTD tier entry price is $697 (Tier 1 early-bird pricing).
How is the score calculated?
The scan score starts at 100 and deductions are applied for each verified finding based on severity. A reconciler compares both agents' outputs and produces a consensus score. If you have a prior scan of the same repository, the report also shows a score delta (the change since the last scan) and whether the score moved up, down, or stayed flat. The score is meant to track trend over time, not to be a definitive security certification.
Does StackProof train on my code?
No. StackProof does not train any models on your code or commit history. The AI providers used (Anthropic, OpenAI, and Google) operate under API tiers with contractual no-training terms. Your code is processed ephemerally and the cloned files are deleted after the scan completes.
How long are scan reports kept?
Scan report retention is user-configurable from your dashboard. The default is to retain reports. If you delete a report, a GDPR-compliant proof hash is retained (the hash cannot be used to reconstruct the report). Interview session transcripts are soft-deleted after 30 days. Full account deletion removes all reports and account data within 30 days.
How does the job board match score work?
Job match scores are calculated across multiple dimensions including skill overlap with your repo analysis, posting freshness, and AI-forward signals in the job description. The match engine uses skill evidence extracted from your scans rather than a list of keywords you entered, so the match reflects what you have actually shipped.
Can I cancel Pro, and is there a refund?
You can cancel Pro at any time from your dashboard. Cancellation takes effect at the end of the current billing period; your account reverts to Scout after that. StackProof does not provide pro-rated refunds for partial billing periods. Lifetime BYOK is non-refundable after 7 days from purchase; within 7 days, contact hello@stackproof.app for a full refund.
What is the career packet?
The career packet is the prose report generated for Pro and Lifetime scans. It includes a narrative summary of findings, skill evidence drawn from your repos, and interview preparation material based on the scan results. It is generated by a narrator agent (Gemini Flash) using the structured findings as its only input, so every claim in the prose traces back to a verified finding. The career packet is yours to use, share, or export as you see fit.
Still have questions? hello@stackproof.app
Read the security page