Skip to main content
cubic is built by developers, for developers. We understand that your source code is your most valuable asset, so we designed our systems with security and privacy as a first-principle—not an afterthought.

Our guiding principles

  • Short-lived processing – We never permanently store your repository’s source code. Your code is fetched into an isolated, short-lived sandbox only while an AI review is running and is irreversibly deleted as soon as the job completes.
  • Encryption everywhere – All data is encrypted in transit (TLS 1.2+) and at rest (AES-256), including database records and object storage.
  • Least-privilege access – The cubic GitHub App requests the minimum scope required to perform reviews. No additional write-or-admin permissions are granted unless they are strictly necessary (see below).
  • Transparent operations – We publish this page so that every customer—current or prospective—can understand exactly how we treat their data. If you have questions, email us any time at contact@cubic.dev. Our data handling practices are further detailed in our Privacy Policy and use of the service is governed by our Terms of Service.
  • No AI model training on customer data – Our AI model providers (e.g., OpenAI, Anthropic) contractually commit that code snippets and metadata passed through their APIs are not used to train or improve their underlying models.

SOC 2 compliant

cubic is SOC 2 Type 1 compliant, demonstrating our commitment to security and trust for our customers. We maintain comprehensive controls for change management, access management, and vulnerability management.

Permissions requested by the cubic GitHub App

Granting the following scopes allows cubic to read pull-requests, leave review comments, and update PR status checks.
ScopeAccessWhy we need it
AdministrationRead-onlyAccess repository settings and organization information
ActionsRead & writeManage GitHub Actions workflows when Background Agents create fix PRs (read-only for basic reviews)
ChecksRead & writeSurface pass/fail status checks for AI review completion
CodeRead & writeRead: Fetch PR diffs and context for reviews. Write: Enable Background Agents to create fix PRs targeting your feature branch (never pushes directly to main or protected branches—all fixes go through PR review)
Commit statusesRead-onlyMonitor and display commit status in the cubic UI
DeploymentsRead-onlyAccess deployment information for integration purposes
IssuesRead & writeCreate issues for tracking review findings when configured (optional feature)
MetadataRead-onlyDisplay repository information inside the cubic UI
Pull requestsRead & writePost AI-generated review comments, resolve threads when feedback is addressed, and create fix PRs via Background Agents
WorkflowsRead & writeRun CI/CD checks on fix PRs created by Background Agents (read-only for basic reviews)
Note: You can install the cubic App on a single repository or an entire organization. Access is scoped to the repositories you select during installation, and can be modified at any time from GitHub’s “Installed Apps” settings page. Write permissions are primarily needed for the Background Agents feature, which creates separate PRs with proposed fixes—never direct commits to your main branch. The Background Agents feature uses Claude Code in an ephemeral sandbox to generate fixes, ensuring all changes go through your standard PR review process.
For extra peace of mind: While cubic never pushes directly to your main branch, you can enhance security by enabling branch protection rules. Configure branch protection rules on your main/default branch to prevent direct commits and require pull request reviews before merging. This ensures all changes—including those from cubic’s Background Agents—must go through your standard review process.

How AI code review works

  1. Event trigger – Whenever a pull request is opened or updated, GitHub sends cubic a webhook describing the event.
  2. Ephemeral sandbox – A new isolated container is launched. The sandbox has no network egress.
  3. Analysis – The pull-request diff and only the necessary context needed for reviewing the PR are processed by AI models.
  4. Comment publication – The generated review comments are posted back to the PR via the GitHub API.
  5. Secure teardown – The sandbox (filesystem, memory, logs) is destroyed immediately after the review finishes.
At no point is your repository cloned to a long-lived server or stored in a database. If the review is cancelled or the PR is closed, the sandbox is destroyed right away.

AI subprocessors

cubic uses best-in-class large-language models hosted by vetted providers (currently OpenAI and Anthropic). Our agreements with these subprocessors explicitly prohibit using your data for model training. Only the minimal code snippets required for the requested analysis are transmitted, and all requests are sent over encrypted channels. If your organization prefers to completely block AI features, please contact us and we can disable them for your workspace.

Logging & metadata

We record operational metadata only—for example, the duration of a review run or the size of the diff. Neither full source code nor pull-request diffs are written to our logs.

Reporting a security issue

If you believe you have found a vulnerability in cubic, please email our security team at contact@cubic.dev with the subject line “Security Vulnerability”. We investigate all reports promptly and appreciate the efforts of the security community.
I