Public repositories only
GitHub Launch Audit accepts public https://github.com/owner/repo URLs. Do not submit private repository links, API keys, passwords, customer data, or internal company URLs.
Português
Security and trust
How JinMing Lab handles your data
JinMing Lab is built to be useful without asking for private code or unnecessary account data. The launch audit is rules first: it checks public repository signals and turns them into a release checklist.
No private code requirement
You can use the main audit and tool pages without granting GitHub OAuth access. The product does not need your private repositories to be useful.
Rules before AI
The core checks are deterministic: README, env examples, CI, deployment, release process, and security signals. AI-style wording is used only to make the report easier to read.
Account safety
When accounts are enabled, passwords are hashed, session cookies are HttpOnly, unsafe writes use CSRF protection, and admin access requires 2FA by default.
Abuse protection
The app uses security headers, host allowlists, rate limits, retired-route blocking, and bot protection. C++ online execution is disabled for public launch.
Data control
If you want account or saved data removed, contact privacy@vantaapi.com. Local browser data can also be cleared from your own browser.
Before you submit
Use a public repository root URL only
Remove secrets from code before putting it on GitHub
Do not paste passwords, tokens, private source, or internal links
Review the generated report before using it for a real release