GitHub App install
Secure your GitHub pull requests in seconds
Launchioo connects to GitHub to scan pull requests for secrets, SSRF, injection, and other vulnerabilities before merge — with deterministic rules and GitHub-native checks.
Read-only code analysis. No repository code is stored or copied.
Sign in first, then you’ll be redirected to GitHub to approve permissions
What happens after you click install
- 1
Redirect to GitHub
GitHub opens in a new tab so your Launchioo session stays active here.
- 2
Approve repository access
Choose which repositories Launchioo can scan. You control scope at install time.
- 3
Automatic PR scanning
Launchioo listens for new and updated pull requests via webhooks.
- 4
Results in GitHub checks
Security score, findings, and pass/warn/fail status appear directly on each pull request.
Why Launchioo needs these permissions
Read access to code and metadata
Used only to analyze pull request diffs for vulnerabilities. We scan changed lines — not your full repository on every event.
Read and write on checks and pull requests
Used only to post security scan results and review comments inside PRs. Launchioo never modifies your source code.
Webhook access
Used to trigger scans when pull requests are opened or updated.
Your code stays yours
- We never store full repositories
- We never clone or mirror your codebase
- We cannot modify your code or push commits
- Only security findings and scan metadata are stored
- You can uninstall the GitHub App at any time
We can
- Read pull request diffs
- Analyze code changes for vulnerabilities
- Post GitHub PR check results and review comments
We cannot
- Modify your repository code
- Push commits on your behalf
- Access billing or account settings
- Store full repository history
Ready to secure your pull requests?
Approve access on GitHub — scans start automatically on your next pull request.
Read-only analysis · Findings only · Uninstall anytime