Launching today

LGTM — Looks Good To Meow
Security-first AI that reviews entire repo, not just diffs
33 followers
Security-first AI that reviews entire repo, not just diffs
33 followers
LGTM reviews every pull request with specialized AI agents, runs 16 CI/CD security detectors, and ships a Runtime Watchdog that catches what static analysis misses. Unlike diff-only reviewers, it reads your entire codebase (tree-sitter + PageRank) so reviews understand context, not just syntax. Built for 5–50 dev teams. 🐱














genuinely curious about the threat model for the tool itself here, not the code it's reviewing. a security product with BYOK repo access plus a runtime watchdog is now holding your secrets and your production visibility in one place, which makes it a pretty attractive single target if it's ever compromised. is the runtime watchdog reading logs/metrics only, or does it have any write access to prod, and how is the BYOK key scoped so a breach of LGTM itself doesn't cascade into everything it's watching
@galdayan Really good question, and honestly the one I want to answer in public before anyone trusts me with their code.
Quick correction on framing. The Runtime Watchdog is a GitHub Action. It runs on your CI runner, not inside your production environment. It uses a scoped API token (pipeline:read only, you generate it yourself) and polls the LGTM API for a halt decision on the commit being pushed. No log ingestion, no metric scraping, no VPC peering, no agent inside your infra. It's also written to soft-fail on network errors, so an outage on our side never breaks your CI.
GitHub App scopes, straight from the manifest:
- Contents: read
- Pull Requests: read / write
- Checks: write
- Commits: read
That's the full list. No admin. No write on code. No repo secrets. LGTM can read your source at review time and post the verdict on your PR. It cannot push, delete branches, or bypass your branch protection.
On BYOK, your key stays your key:
- Encrypted at rest with AES-256-GCM (authenticated encryption).
- Read into memory only by the workers that actually call the model (reviewer, indexer, chat responder). Nothing else touches it.
- Never logged. Never proxied through a shared LGTM OpenAI account.
- Rate limits and spend caps live on your OpenAI account, not ours. You watch the spend in your own dashboard.
Happy to go deeper on any part of this. Thanks for asking the real question.
@looksgoodtomeow that's a genuinely thorough breakdown, way more than I expected. the read-only scope + soft-fail on network errors answers my actual worry, which was less about the manifest and more about whether a watchdog outage could brick someone's CI pipeline. appreciate you laying out the exact GitHub App scopes instead of just saying "trust us"
The PageRank trick is genuinely clever, my reviews actually caught a stale import that diff-only tools always miss. 16 detectors is a lot but the runtime watchdog is the part that sold me.
@nurcanolak93273 This made my day, a stale import that diff-only tools miss is exactly the case PageRank exists for, so it's great to hear it caught one in the wild. If you hit anything the watchdog flags that feels off (false positive or a miss), tell me,.. that feedback is worth more than any upvote right now 🐱
the full codebase indexing is what sold me on this, hope you can also let teams whitelist certain paths so the watchdog doesnt flag legacy stuff that cant be fixed right now
@basar95467 Great call, and yes, path-level allowlisting is the right answer for legacy you can't fix today. LGTM already supports this today!!
the tree-sitter + PageRank combo for codebase context is genuinely clever, most reviewers skim diffs and call it a day. also the cat naming alone shows whoever runs marketing gets it.
Ha, thank you, diff-only was the thing that bugged me most: a reviewer that can't see the rest of the repo is just a fancier linter. PageRank over the tree-sitter graph is what lets it actually reason about blast radius. Appreciate you noticing the thing under the hood 🐱
the cat pun made me actually smile while reading a security tool description, which feels like an impossible feat. the runtime watchdog angle is a genuinely smart differentiator from the usual diff-only reviewers cluttering the space right now.
@nurullahbekik Making someone smile at a security tool might be the achievement I'm proudest of, ngl. And exactly the whole bet is that "review the diff" stopped being enough once AI started writing half the code. The watchdog is there for what only shows up at runtime. Thanks for the kind words 🐱