Last updated: March 5, 2026
ShipShield provides automated security scanning for software repositories hosted on GitHub. When you purchase a scan, we clone your repository, run a suite of open-source security analysis tools, synthesize the results using AI, and deliver a professional PDF report.
Each security scan costs a one-time fee of $25 USD per repository. Payment is processed securely through Stripe. There are no subscriptions or recurring charges. You only pay when you initiate a scan.
If a scan fails to complete after all automated retries have been exhausted, we will issue an automatic full refund to your original payment method. Refunds for completed scans are not provided, as the service has been fully delivered. If you believe there is an issue with your report, please contact us at hello@shipshield.dev.
Your code is never stored permanently. We clone your repository, perform the scan, and delete all cloned files within 10 minutes of scan completion. We do not share your source code, scan results, or personal information with any third parties. Stripe handles all payment data; we never see or store your card information. For the AI-powered report synthesis, we send only structured tool output (vulnerability metadata) to the language model, not your raw source code.
By connecting your GitHub account, you grant ShipShield read-only access to your repositories for the sole purpose of performing security scans. We access only the repository you explicitly select for scanning. You can revoke access at any time through your GitHub settings.
Repositories must be under 100 MB to be eligible for automated scanning. If your repository exceeds this limit, contact us at hello@shipshield.dev for a custom quote.
This automated security scan is not a substitute for a professional penetration test or security audit. ShipShield provides automated static analysis and should be used as a supplement to, not a replacement for, professional security review. We do not guarantee that all vulnerabilities will be detected or that the report will be free of false positives. ShipShield is provided "as is" without warranty of any kind, express or implied.
To the maximum extent permitted by law, ShipShield and its operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenue, arising from your use of the service. Our total liability for any claim shall not exceed the amount you paid for the scan that gave rise to the claim.
We may update these terms from time to time. If we make material changes, we will notify you by email or by posting a notice on our website. Continued use of the service after changes constitutes acceptance of the updated terms.
For questions about these terms or the service, contact us at hello@shipshield.dev.