Support & FAQ

No. Code is processed in ephemeral containers and deleted immediately after scanning. We store finding metadata and redacted evidence excerpts — never your raw source code. See Security & Privacy.

No. VibeScan is a scanning pipeline — it returns structured JSON findings with severity, evidence, and remediation hints. Claude and ChatGPT read these findings and explain them using their own intelligence. No LLM runs on VibeScan's servers.

Secret detection and dependency scanning work on any language. SAST rules currently cover JavaScript, TypeScript, Python, Go, Ruby, Java, PHP, and C#. AI pattern rules focus on JavaScript/TypeScript and Python — the most common AI-generated languages.

AI models sometimes generate import or require statements for packages that don't exist on npm or PyPI. These phantom names are a supply chain risk — an attacker could register the name and publish malicious code. VibeScan checks every dependency against the real registry.

Sign in with GitHub or Google at /app/keys and create one. Free tier — no card needed. For paid plans, purchase on the pricing page and your key is emailed. You can also create additional keys at /app/keys.

API keys are SHA-256 hashed — we can't recover them. Go to /app/keys, revoke the lost key, and create a new one.

Yes. Create as many as you need — one per integration (Claude, ChatGPT, CI) is a good practice. All keys share the same tenant's scan quota.

Yes, on Pro and above. Install the VibeScan GitHub App at /app/integrations. The app requests read-only access to repository contents. Tokens are encrypted at rest.

queued → waiting for a worker. running → pipeline executing. completed → all engines finished. partial → some engines failed but results available. failed → scan could not complete. cancelled → you cancelled it.

One or more scanning engines had an error, but others completed successfully. Check the degradedScanners field in the scan result to see which engine(s) failed. Findings from the working engines are still returned.

Go to /app/billing and click "Manage Subscription" to open the Stripe billing portal. Cancel from there. Your plan stays active until the end of the billing period, then downgrades to Free.

No. Only scans that reach completed or partial status count. Failed and cancelled scans do not consume quota.