For investors and founders

Replace the first twenty hours of technical DD.

The next twenty are for judgement, and that's where deals actually get made. Point us at any repository: thirty AI specialist agents and one hundred deterministic rules return an evidence-backed readiness report in under an hour. For investors deciding which targets are real. For founders who want to be pitch-ready, not pitch-checked.¹

Join the waitlist Read the methodology

Read-only access
Source never leaves your workspace
NZ-domiciled

Sample report · No.0284acme-saas · 0a7f3b9

Readiness Report №0284Completed

Commercial SaaS frameworkRuntime 47:12

Overall

72/100 · B+

Blockers

3critical

Evidence

284items

CodeFindingSev

SEC-014Hardcoded API key in src/integrations/stripe.ts:42Critical
OPS-007No rollback runbook documented for production deploysCritical
TEN-003Tenant context leaks across logger metadataCritical
ARC-021Service-layer untested; integration coverage at 14%High
DOC-002API spec missing for 6 of 11 v1 endpointsHigh

4 frameworks · 30 agents · 100+ rules+279 more

Frameworks

Specialist agents

Deterministic rules

100+

Avg. runtime

47 min

Cost per assessment

$5 cap

Audit trail

End-to-end

How it works

From repository to decision, in three movements.

We instrument the technical-readiness portion of diligence so the partner spends their hour on the founder, not the codebase.

Phase 01, Collect

Connect.

Install the read-only GitHub connector (Personal Access Token, scoped to read). Link one repository or an entire organisation. We never clone, publish, or retain source after assessment. Revocable in one click.

Phase 02, Reason

Assess.

We run 100+ deterministic rules and 30 AI specialist agents against the framework you choose. Every finding cites a control code; code-pattern findings additionally cite a file location (with a line range when the agent can pinpoint it). The rule layer is fully reproducible run-to-run.

Phase 03, Report

Decide.

Investor-grade report with executive summary, maturity matrix, blocker queue, and remediation workbook. Re-run quarterly to track movement against itself.

Frameworks

Four lenses. One source of truth.

Most tools generate output. We narrow it. Each framework is a structured rubric of controls, run by specialist agents against real evidence. Modular rule packs by language, framework, deployment target, or compliance regime.

+ 18 modular rule packs

FW.0123 controls
Technical Due Diligence
Architecture · Documentation · Testing maturity
Investor / acquirer
FW.0251 controls
Commercial SaaS
Packaging · Onboarding · Multi-tenant isolation
Launch readiness
FW.0318 controls
Enterprise Release
Governance · Rollback · Operational resilience
Deployment readiness
FW.0425 controls
Security Baseline
IP & licensing · Secrets · Authorisation
Posture & provenance

№	Framework	Lens	Scope
FW.01	Technical Due Diligence Architecture · Documentation · Testing maturity	Investor / acquirer	23 controls
FW.02	Commercial SaaS Packaging · Onboarding · Multi-tenant isolation	Launch readiness	51 controls
FW.03	Enterprise Release Governance · Rollback · Operational resilience	Deployment readiness	18 controls
FW.04	Security Baseline IP & licensing · Secrets · Authorisation	Posture & provenance	25 controls

Honest scope

What we replace. What we don't.

Restraint is the feature. Tools that promise everything decide nothing. We compress the technical-readiness portion of diligence and stop there. Knowing where the line is is what makes the signal worth trusting.

Inside scope

What we replace

First-pass technical screen on a target's GitHub
Architecture, security, ops, and code-quality review
Documentation, testing maturity, release governance
Reproducible rule findings with file path provenance (line range where available)
Cross-target comparison for portfolio triage

Outside scope

What we don't

Customer references and revenue / churn analysis
Penetration testing or live-system security work
Financial DD, legal review of customer contracts
Patent / IP search beyond connected source code
The judgement of an experienced operator at the table

Read the full methodology

For investors

“I don’t need more data. I need to know which five percent matters. That’s what they give me, every quarter, on every company I back. Same investor-grade rigour, same evidence trail, same place to argue with the score.”

Partner

Late-stage technology fund

Join the waitlist

Portfolio dashboard

Every company you back, side-by-side. Maturity band, risk level, score delta since last quarter.

Trend tracking

Quarterly re-runs surface movement. Know which companies are levelling up, which are sliding.

Risk concentration

Spot which companies in your portfolio are commercially exposed before the board meeting, not in it.

Board-ready exports

Clean HTML report with executive summary, KPIs, matrices, and a remediation queue. Built for LPs, not engineers.

For builders

The founders who walk in already knowing the score are the ones who close it.

Run the same investor-grade assessment on your own codebase. Quarterly self-DD. Decide which technical debts matter enough to ship before the partner meeting. Ignore the rest with receipts in your back pocket.

Join the waitlist

Pre-fundraise prep

See your score before the partner meeting. Walk in with the receipts, not the surprises.

Acquirer's-eye view

Find what they will flag, before they flag it. Same rules, same agents, same evidence trail.

Engineering north star

Quarterly self-DD so technical debt does not compound silently between board reviews.

Onboarding map

Hand new engineers a structured tour of the system, with the rough edges already labelled.

Deliverables

Seven artefacts. One run.

Every assessment ships distinct deliverables, each built for a different audience, partners, founders, engineers, LPs.

Executive summary

One page. Board-ready. Plain English score, the three things to fix, the three things working.

Technical findings

Full report with file citations on every code-pattern finding (with line range when the agent can pinpoint it). The evidence behind the score.

Remediation workbook

Quick wins and effort estimates. The list a CTO can hand to their team on Monday morning.

AI-agent script

Machine-readable action plan. Feed it to your in-house coding agent or copy-paste into Cursor.

Code quality report

Maturity scoring across architecture, testing, ops, security, and documentation lenses.

Audit trail

Every rule evaluated, every evidence item cited. So your IC has nothing to argue with the auditor about.

JSON export

Machine-readable findings and evidence. Pipe it into your own tooling, BI stack, or LP dashboard.

Pricing

Priced by portfolio size.

Three subscription tiers, plus Sovereign on the roadmap for self-hosted deployments where source can't touch a third-party LLM. AI cost is BYOK today: bring your own Anthropic or OpenAI key, capped per assessment so spend stays predictable.

Scout

$499USD / month

Solo angels & scouts · BYOK

Join the waitlist

Most chosen

Partner

$1,999USD / month

Funds & family offices · BYOK or managed

Join the waitlist

Fund

Customfrom $4,999 / mo

PE, multi-fund, M&A · all managed

Join the waitlist

See full pricingNeed a self-hosted deployment with a configurable AI endpoint? Talk to us about Sovereign , scoped per engagement.

Trusted because

The defaults we ship with.

Read-only by design

Read-only GitHub connector. We never clone, publish, or retain source after assessment.

No model training

Your code and findings are never used to train AI models, ours or the providers'.

Auditable evidence

Every finding cites a control; code-pattern findings cite a file location (with a line range when the agent can pinpoint it). No opaque AI scores.

Let's talk

One repo. Thirty minutes. Walk away knowing.

Bring any repository you have read access to. We'll run a live assessment with you. We won't be the loudest tool in your inbox. We'll be the one that earns the second meeting.

Join the waitlist Talk to us