Install
Install OSS Protector on your GitHub.
We'll only ask for what we need: read-only access to pull request metadata and diffs so we can review them. We never write to your repos — no comments, no status checks — and never clone code.
Required GitHub permissions
Pull requests · read
Read PR metadata and diffs. We never post comments or status checks.
Metadata · read
Repo names, stars, and contributor counts.
Account profile · read (limited)
Public handle, account age, public commit history.
Code contents
We never read your code, never clone, never store diffs.
Issues & discussions
We don't touch issues, comments outside our own, or wikis.
Open audit trail. Every API call we make is logged to the public audit ledger. Your security team can review the call history per-org.