Is this just a scanner running on a timer?
No. The fleet does the mechanical passes, but a human engineer reproduces and prunes every finding before delivery. The value is what gets cut, not what gets flagged. The microblog sample even has a section listing things that are not problems.
What if you find nothing?
That is a finding. You get the green scorecard plus a clear account of what we checked and why the repo is solid. A clean bill from a real audit has value.
Do you keep my code?
No. Your code is cloned into a throwaway working directory and deleted at close-out. Any read-only access key you issue should be revoked afterward; we remind you to. Secrets are reported by type and location only, never by value.
Can you guarantee my app gets approved?
No one honestly can. What we give you is the real reason behind the rejection, the exact changes to make, and an honest read on the odds. We are engineers, not lawyers.
What languages and stacks do you cover?
Node, Python, Swift/iOS, Go, and most mainstream web stacks. If your repo is out of scope, we say so within the first hour and refund you, no charge.