Agent-ready Repo Audit
Service Policy
This is a plain-language service operating policy, not legal advice or a guarantee of legal compliance. It applies when incorporated into an accepted scope.
1. AI processing disclosure
- Agent Kits Lab uses AI-assisted tools, including Hermes and the engagement-specific model/API provider(s) named in the scope receipt, to inspect authorized material, classify findings, draft reports, and perform QA.
- AI output is untrusted draft evidence until checked against repository files, deterministic command output, or cited sources.
- Customer material is not intentionally used by Agent Kits Lab to train a public model. Third-party handling remains subject to the named provider/account terms.
- Confidential source is not intentionally pasted wholesale into remote prompts; excerpts, summaries, names, hashes, and local deterministic tools are preferred.
- Before payment, the scope receipt states
LOCAL_STATIC_ONLYor names every material remote AI/API provider expected to receive non-public content. A generic label is insufficient. - If provider selection changes, processing stops until the customer approves the revised provider or elects local/static-only handling.
2. Authorization and data minimization
- Only repositories/artifacts the customer owns or is authorized to provide may be audited.
- Intake excludes production credentials,
.envvalues, private keys, tokens, browser profiles, customer databases, personal data, and unrelated proprietary material. - Agent Kits Lab does not bypass access controls or seek broader permissions merely because credentials are available.
- Accidentally encountered secrets are redacted and described by location/type, not value.
3. Execution and isolation
- Default mode is static, read-only inspection.
- Customer build/test/lint/install scripts are not executed unless the accepted scope permits named commands and a suitable isolated environment is available.
- Isolation requires a disposable container/VM or equivalent; no inherited credentials; network off by default; bounded CPU, memory, disk, process count, and timeout; explicit output directory.
- If safe isolation cannot be established, commands are
NOT_RUN. Missing evidence is not relabeled as PASS. - Base-audit acceptance never authorizes repository writes, production deployment, destructive actions, or credential use.
4. Retention and deletion
| Data class | Default retention | Disposal |
|---|---|---|
| Intake and authorization record | 30 days after delivery | Delete from active working storage |
| Repository/worktree and raw artifacts | 7 days after accepted delivery | Practical secure deletion from active workspace |
| Report and QA record | 90 days | Delete, or retain with customer approval |
| Billing/transaction records | As legally/payment required | According to obligation |
| Security-incident evidence | Only as needed | Restricted deletion after closure |
- Early deletion may be requested, subject to legal/payment/security preservation.
- Deletion means removal from service-controlled active storage; instantaneous erasure from third-party backups/provider logs is not promised.
5. Confidentiality boundary
- Non-public code, architecture, findings, and business context are confidential and used only for accepted scope.
- Access is limited to the operator, named AI/tool providers, and necessary service infrastructure.
- Reports or customer identity are not used as samples, testimonials, training data, or marketing proof without separate permission.
- Exceptions include already-public information, independent development, lawful unrestricted receipt, or legally compelled disclosure.
6. Security incidents
- Stop processing and contain access.
- Preserve minimum evidence.
- Notify the customer promptly with known scope and unknowns.
- Recommend credential rotation where relevant.
- Document remediation and deletion.
- Do not publicly disclose customer details without permission unless required.
No absolute security guarantee is offered.
7. Delivery, corrections, and revisions
- Target delivery is within 5 business days after cleared payment and complete accepted intake. If capacity/scope cannot meet it, payment is not requested until revised terms are agreed.
- One clarification round is included within 7 calendar days when it requires no new repository version or analysis.
- Confirmed factual evidence errors reported within 14 calendar days are corrected without expanding scope.
- New commits, repositories, implementation, or materially changed requirements are new scope.
- Revised reports carry a version/date and change note.
8. Disputes, refunds, and limitations
- The parties first compare accepted scope, snapshot/commit, cited evidence, payment record, and delivered artifacts.
- If a deliverable is materially missing, Agent Kits Lab may complete it, correct it, or recommend an appropriate refund under accepted checkout terms.
- Disagreement with a rating, absent business outcomes, or later repository changes does not itself establish non-delivery.
- Payment/refund execution and custom legal/liability commitments require human approval.
- The audit is point-in-time engineering review—not legal advice, penetration testing, certification, warranty, or a guarantee of security, productivity, revenue, compatibility, or defect-free software.
9. Material service providers and changes
- Payment/commerce: Ko-fi and the connected processor process checkout/payment data. Final checkout displays the actual processor.
- Email: Cloudflare Email Routing forwards role-address mail to the operating mailbox; its provider processes the forwarded message.
- Remote AI/API: engagement-specific. Scope names each material provider before payment or states
LOCAL_STATIC_ONLY. - Material policy changes apply prospectively with a dated version; accepted work follows its incorporated version unless both parties agree or law/security requires a change.
10. Acceptance record
Intake is complete only when it records requester/authorization, exact snapshot/exclusions, execution permission, remote-AI mode/providers, retention exception, policy version, recipient, Agent Kits Lab scope acceptance, private checkout, and cleared-payment receipt.
Submitting an inquiry or intake does not itself create an accepted order. Scope is confirmed before private checkout.