Repo Connectors

Private discovery and proof control

Private

Read-only first

Authorised repo map

Connect read-only repository services safely.

Discovery connectors map repositories you authorise. Tokens stay in the private local engine environment and are never written into public reports.

No hidden scanning
Selected sources only
No cloud upload by default

Private

GitHub

List repos, default branches, updated dates, package files and deployment config.

Private

GitLab

List accessible projects with namespace, visibility and updated date.

Private

Bitbucket

List workspace repositories where your account token has access.

Private

Self-host later

Leave room for Azure DevOps, Codeberg, Gitea and Forgejo without changing the dashboard.

Private engine commands

Run from the local-engine folder. Tokens stay outside the public dashboard.

GITHUB_TOKEN=read_only_token npm run discover:github
GITLAB_TOKEN=read_only_token npm run discover:gitlab
BITBUCKET_USERNAME=user BITBUCKET_APP_PASSWORD=token npm run discover:bitbucket

Permission rule

Only scan folders, accounts and servers you own or have explicit permission to inspect.

Action rule

Discovery creates reports and queues. Move, delete, archive or repair actions require a separate explicit choice.

Proof rule

Private reports keep technical detail. Public-safe exports hide paths, source detail, tokens and repair internals.