← ShieldMyAppDocumentation
📘 Docs Menu

GitHub Permissions

What access we request and why

Read access (required)

To scan your repository, we request read-only access to your repository contents.

What this allows:

  • • Read source code files
  • • Read package.json and lock files
  • • Read configuration files

Repository access

We only request the minimum access needed to scan your code.

What this allows:

  • • Read source code and dependencies
  • • Rescan when you click the Refresh button
  • • Nothing else

We never modify your code or push any changes to your repository.

What we don't access

  • • Issues, discussions, or wikis
  • • Repository settings or webhooks
  • • Other repositories you haven't authorized
  • • Your GitHub profile data (beyond username)

Revoking access

You can revoke ShieldMyApp's access at any time:

  1. 1. Go to GitHub Settings → Applications → Authorized OAuth Apps
  2. 2. Find ShieldMyApp
  3. 3. Click "Revoke"

After revoking, we can no longer access your repositories. Existing scan results remain in your account until you delete them.