Countervail·Expose·Repo Intake

Code-Based Intake

Repository analysis is one intake pathway within Countervail Expose. It provides a high-signal automated starting point, but Expose is designed to combine code evidence with vendor review, governance questionnaires, policy materials, AI exports, and matter-specific facts.

Use this page when a technical team can provide a public GitHub repository or ZIP archive. The scan does not judge code quality or decide legal obligations. It helps build the first custody map: what records may exist, where they may live, who may control them, and what questions counsel, compliance, or insurance teams should ask next.

Scan a repository

Best when a technical team can provide a public GitHub repo or ZIP archive.

Enter known vendors

Best when business or counsel knows the stack but does not have code access.

Complete assessment

Document retention, deletion, access, observability, and transfer posture.

Review exports

Start from ChatGPT/Claude exports, transcripts, or matter materials.

What this repo connection does: Expose reads repository files to identify systems that may create or hold AI interaction records. No code is changed. This is an evidence intake, not a security penetration test or source-code quality review.

Public repositories can be scanned without authentication. Private repositories require GitHub sign-in and repository access.

Try a public demo repository:

Do not have repository access? Expose can also start from known vendors, system descriptions, exports, policy documents, or a legal matter profile. Use Vendor Explorer, Assessment Wizard, or Content Scanner.