What GitHub access we use

GitHub access comes in two separate steps, and you control the second one entirely. Signing in identifies you and grants no access to any code. Code access happens only later, when a maintainer installs the CleverCrow GitHub App and picks the exact repos it can touch.

Signing in only identifies you

"Sign in with GitHub" uses GitHub to confirm who you are. The login reads your name and your organization and team membership (so we can check your permissions on repos you connect), and nothing else. GitHub shows you exactly this on its own screen before you confirm.

  • Your name and org and team membership
  • No repository access at sign-in: not read, not write

A Backer who signs in to fund issues but never installs the App has granted CleverCrow zero access to any code.

Code access is a separate step you choose

Repository access lives entirely in the GitHub App install, which is a maintainer action. When you install CleverCrow you choose exactly which repositories it can see, all of them or a hand-picked few, and you can change or revoke that selection in your GitHub settings at any time. The permissions below apply only to the repos you select. They never attach to your account just because you signed in.

What the App can do on repos you install it on

  • Contents: read and write

    Clone the repo, create a new branch, and push the agent's commits to it. CleverCrow pushes to a branch it creates, never to your default branch.

  • Issues: read and write

    Read the issue the agent is working on, and post status updates and reactions so you can follow along.

  • Pull requests: read and write

    Open a pull request with the agent's work for your review. CleverCrow opens the PR and stops; merging is always your decision.

  • Checks: read only

    See whether CI passed on the agent's branch, so it can try to fix a failing build.

  • Commit statuses: read only

    Read commit-level build and status results, for the same CI-fix loop.

The App also reads organization membership, the same membership the login reads, so it can tell who is a maintainer of the repo and is allowed to start a run.
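
An added example, not CleverCrow's own code: a maintainer-side check that compares the permissions an installation actually holds against the list above. It assumes the installation object has the shape GitHub's REST API returns (`permissions`, `repository_selection`); the mapping of this page's labels to API permission keys, the `metadata` entry, the `example-app` slug and both sample installations are constructed for illustration.

```python
import json

# Levels documented on this page, keyed by GitHub API permission names.
# The label-to-key mapping is an assumption of this example.
DOCUMENTED = {
    "contents": "write",       # Contents: read and write
    "issues": "write",         # Issues: read and write
    "pull_requests": "write",  # Pull requests: read and write
    "checks": "read",          # Checks: read only
    "statuses": "read",        # Commit statuses: read only
    "members": "read",         # organization membership
    "metadata": "read",        # assumption: not listed here; GitHub adds it to every App
}
RANK = {"read": 1, "write": 2, "admin": 3}


def audit_installation(installation):
    """Return findings where an installation holds more than the documented set."""
    findings = []
    for name, level in sorted(installation.get("permissions", {}).items()):
        allowed = DOCUMENTED.get(name)
        if allowed is None:
            findings.append(f"undocumented permission: {name}={level}")
        elif RANK.get(level, 99) > RANK[allowed]:
            findings.append(f"{name}={level} exceeds documented {allowed}")
    if installation.get("repository_selection") == "all":
        findings.append("repository_selection=all: every repository is in scope")
    return findings


# Constructed sample installation objects (not real API output).
AS_DOCUMENTED = json.loads("""{
  "app_slug": "example-app", "repository_selection": "selected",
  "permissions": {"contents": "write", "issues": "write", "pull_requests": "write",
                  "checks": "read", "statuses": "read", "members": "read",
                  "metadata": "read"}}""")
OVER_GRANTED = json.loads("""{
  "app_slug": "example-app", "repository_selection": "all",
  "permissions": {"contents": "write", "checks": "write",
                  "administration": "write", "metadata": "read"}}""")

if __name__ == "__main__":
    for label, inst in (("as documented", AS_DOCUMENTED), ("over-granted", OVER_GRANTED)):
        print(label, "->", audit_installation(inst) or "matches the documented permissions")
```

An unknown permission level is treated as exceeding the documented one, so a new or unexpected value is flagged rather than passed.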

What it deliberately won't do

  • Never merges for you. CleverCrow opens a pull request and stops. You review it and decide whether it lands.
  • Never pushes to your default branch. The agent's work goes onto a branch CleverCrow creates, leaving your main branch untouched until you merge.
  • Never touches repos you didn't select. Access is scoped to the exact repositories you chose at install.
  • Runs the agent without your credentials. The sandbox that runs the coding agent has no git or GitHub access at all; it only ever produces a proposed change, which a separate, branch-only step turns into a pull request.

Nothing runs without your action

Installing the App connects CleverCrow to your repos; it does not start anything. The agent runs only when a maintainer clicks Start on a specific issue, and you review every plan and every pull request before a line merges. You can uninstall the App, or remove individual repos, from your GitHub settings whenever you like.