Audit a private codebase
Run a full security and correctness review with ArxAudit — without exposing the source.
This guide runs a complete ArxAudit review over a private repository. The source is read only inside the sealed boundary and destroyed when the audit completes.
1. Point ArxAudit at the repo
arxcode audit ./payments-service
Your code is encrypted client-side and routed to a sealed, attested node. Nothing is uploaded in plaintext.
2. Read the findings
ArxAudit returns severity-ranked findings (Critical → Info), each with a file and line reference, a short reproduction, and a suggested fix as a diff-ready patch.
| Severity | Action |
|---|---|
| Critical / High | Fix before shipping. |
| Medium | Schedule a fix. |
| Low / Info | Review and triage. |
3. Apply fixes
Hand a finding to ArxCode Studio to apply the suggested patch and verify it against your test suite — all in the same sealed session.
4. Re-audit the delta
After applying fixes, run a delta re-audit. It scans only what changed, which lowers the $ARX cost:
arxcode audit ./payments-service --since HEAD~1
5. Export the report
arxcode audit ./payments-service --report audit.pdf
The exported report contains findings and fixes — never your raw source.