How Firstlight handles your source

On the free-tier local backend the assessment runs inside your own infrastructure, against your own AI plan (Claude Code, Codex, Copilot — your call). Nothing is uploaded. We never see your code; there is nothing for us to keep.

A hosted run pulls your repo with a short-lived, fine-grained GitHub token you generate, scoped read-only to that single repository — used to clone, then dropped. The workspace is ephemeral scratch (tmpfs); it is destroyed when the run finishes. No persistent disk, no bucket writes, no second use of the token.

A hosted scan provisions cloud resources only after a person approves it — sign up, pay, submit the repo URL and token, and the run waits on a one-click approval before anything spins up. The signup, payment and submission steps are never blocked; only the scan run waits.

Customer source is Confidential — never logged in cleartext, never used to train a model, never replayed to a third-party tool without your explicit consent. The assessment uses it, scores it, and is done with it.

Every run is logged — a hash of the repo, token count, cost, start and finish times — and nothing customer-identifying. On hosted runs the repo identifier in the record is a hash, never your source. The trail is one of the eight artefacts you get back: a defensible record of every assessment.

Customer-uploaded source is treated as Tier 3 / Confidential under the Millwater Consulting data-classification standard. Millwater Consulting is New Zealand-domiciled. Found a security issue in Firstlight itself? Email security@millwater.consulting — we'll acknowledge and work it with you.