Skip to content
Proof layer · CodeTrussRev A · 2026-07-15

Make every agent change prove it belongs.

local by default — explicit sync only

CodeTruss is the proof layer for AI-written code. Put a local boundary around each agent change, share only the receipts you explicitly sync, and use hosted audits to understand the health of the whole codebase.

Boundary
Agent-time proof
History
Explicit receipt sync
Health
Full-codebase audit

Boundary · History · Health

One proof system, from prompt to codebase.

BoundaryLocal · before the PR
Record the task and starting Git state, enforce scope, flag sensitive surfaces, run 13 registry analyzers plus your verification commands, and write an integrity-signed receipt.
HistoryExplicit sync · organization scoped
Receipts stay local until you choose one to sync. Sync sends a privacy-minimized copy for organization history and shared review; it never uploads the patch or verification output.
HealthHosted · whole codebase
Run a read-only repository audit with the registry suite plus graph and SAST passes, health scores, architecture maps, findings, and an issue roadmap.

Install + activate · macOS + Linux

curl -fsSL https://codetruss.com/install.sh | sh
codetruss setup
  • 13 registry analyzers stay local
  • One guided setup, then automatic checks
  • Integrity-signed Markdown + JSON

§ 01What you receive


One codebase audit produces four exhibits. Deliverables — not a lecture.

Exhibit A

Architecture map

Every module, edge, and cycle — drawn from the real symbol graph, not a stale wiki page.

Example architecture map: modules app, lib, api and prisma with import edges, and a three-file import cycle flagged in red.

Exhibit B

Health certificate

Five scores that tell you where the risk actually lives, weakest marked in red.

Certificate of Health

Snapshot a1b2c3 · Read-only


STRUCT
HEALTH
TESTS
SEC
DOCS

Example health certificate with scores: structure 87, health 74, tests 71, security 64 (weakest, marked in red), docs 93.

Exhibit C

Issue roadmap

A punch list of findings, ranked and filed as labeled GitHub issues under a milestone.

FindingSevEff
  • Vendored dir committed: .agent/ (1,862 files) HIGHM
  • No CI pipeline detected HIGHS
  • Deep nesting in geminiService.ts MEDS

Ranked by severity × effort · filed as GitHub issues

Exhibit D

Fix PRs

Approve a finding and CodeTruss opens the branch and the pull request. Nothing ships without you.

codetruss/fix-a1b2c3 → mainOpt-in
- const apiKey = 'sk-live-9f3…'- writeFileSync(out, data)+ const apiKey = process.env.API_KEY+ if (!apiKey) throw new Error('API_KEY missing')+ await writeFile(out, data)

§ 02Method


  1. Connect

    Install the GitHub App on the repositories you choose — and nothing else.

    LEAST-PRIVILEGE GITHUB APP · REVOCABLE

  2. Snapshot

    CodeTruss takes a read-only tarball of your default branch. Your code is never executed.

    READ-ONLY TARBALL · NEVER EXECUTED

  3. Analyze

    A policy-selected analyzer suite walks the symbol graph and source: structure, import cycles, tests, secrets, SAST, and known vulnerabilities.

    STATIC ANALYSIS · SAST · SYMBOL GRAPH · OSV

  4. Roadmap

    Findings become labeled GitHub issues under a milestone, with a tracking issue on top.

    LABELED ISSUES · MILESTONE · TRACKING ISSUE

§ 03The deliverable


The audit ends as a typeset report you can hand to a client, a CTO, or your future self: scores, architecture, findings, and a prioritized plan, enriched with AI review and shared as a read-only link. Freelancers and agencies deliver it as the codebase audit their engagement is billed on. Don’t take our word for it: the specimen shown here is a real audit of a repository you already trust.

send it to the client as-is — or white-label it

Specimen · Engineering audit

expressjs/cors


OVERALL
DEBT
ARCH
SEC
DOCS

Shared read-only

§ 04Fee schedule


Free

Try CodeTruss on a single repository.

1 repository · 5 scans a month · health scores & basic reports

$0

Pro

For solo developers and freelancers.

10 repositories · 50 scans · full reports, exports, fix PRs, your own AI keys

$29 / mo

☛ recommended

Agency

For agencies delivering audits to clients.

Client workspaces · white-label reports · 200 repositories · 25 seats

$249 / mo


Full fee schedule

Prepared by CodeTruss — the proof layer for AI-written code.

Signed · 2026-07-15

Footnotes

† Read-only tarball snapshot. Your code is never executed. GitHub App access is least-privilege and revocable.