Getting started
Connecting your first repo
Wire up GitHub or GitLab once. VibeReview reads your code in ephemeral compute, builds the threat model, and generates the starter guardrail set. Ten minutes start to finish.
VibeReview needs read access to the repo you want covered. The GitHub App and GitLab App handle that with scoped, short-lived OAuth tokens. Code is profiled in per-request compute and never persisted on our servers.
Step 1: install the app on your provider
Open VibeReview's dashboard. Pick the source-control provider. Install the GitHub App on the org and pick which repos. GitLab works the same way through the GitLab App. Read-only access by default.
Step 2: pick a starter repo
We recommend a service with clear entry points and at least one auth path. The threat model lights up faster when the surface is well-defined. Microservices and modular monoliths both work.
Step 3: review the threat model
Within minutes you'll see entry points, trust boundaries, data flows, and AI failure modes mapped to your code. Edit the assumptions you disagree with. Approve. The guardrails generate from that model.
Step 4: install the MCP server in your IDE
One command registers VibeReview's MCP server with Cursor, Claude Code, Copilot, or Codex. Your next prompt picks up the matching guardrails. The IDE doesn't change. The agent's output does.