VrothSec installs on your GitHub repo and reviews every pull request for AI and cloud security issues — hardcoded keys, exposed endpoints, overpermissioned IAM, prompt injection risks, and more.
VrothSec receives pull request diffs from GitHub when you open or update a PR in a repo where the app is installed. We process each diff to identify security issues. We do not store your code or diffs after processing.
How we use your data
Diff content is sent to the Google Gemini API for security analysis. It is not stored, sold, or shared with any third party beyond what is necessary to perform the review. Billing information is handled entirely by Paddle and is never seen or stored by us.
GitHub permissions
VrothSec requests read access to pull requests and write access to post comments. We do not access your repository code outside of the PR diff context.
VrothSec is a GitHub App that automatically reviews pull requests for AI and cloud security issues. By installing the app or purchasing a subscription, you agree to these terms.
Use
VrothSec is provided as a security assistance tool. Findings are AI-generated and should be reviewed by a qualified developer before acting on them. We do not guarantee that all security issues in your code will be detected.
Subscriptions
Subscriptions are billed monthly through Paddle. You can cancel at any time. Founding member pricing is locked in for the lifetime of your subscription as long as it remains active.
Liability
VrothSec is provided as-is. We are not liable for any security incidents, data breaches, or damages arising from the use or non-use of this service.
If you are unsatisfied within the first 7 days of your subscription, contact us for a full refund. No questions asked.
After 7 days
Refunds after 7 days are considered on a case-by-case basis. If VrothSec was not functioning as described, we will issue a refund for the affected billing period.
You can cancel your subscription at any time through Paddle. Cancellation takes effect at the end of your current billing period. No partial refunds are given for unused time.