Why do I need AbyssGuard if I use AI to code?
AI coding tools are incredible at generating code fast — but they don't know your business rules. They write auth code without knowing who should have access, payment code without server-side pricing, webhook handlers without signature verification. AbyssGuard catches what your AI can't know — the gap between generated code and safe production code.
Can't I just review the code myself?
You could — if you had time to read every line your AI generates. But AI-assisted teams ship 10x faster, and manual review hasn't scaled to match. AbyssGuard catches the patterns AI tools consistently get wrong so you can focus your review on the business logic only you understand.
What if I don't see any findings in my free scan?
That's actually good news — your repository is cleaner than most. But the free scan uses preview methods only. Paid plans unlock the full catalog with deeper auth, payment, and data-flow checks that catch issues preview methods can't reach.
Does AbyssGuard support mobile app projects?
Yes. AbyssGuard now detects React Native, Expo, Flutter, Android, iOS, and Capacitor source and checks source-visible mobile risks such as insecure token storage, cleartext traffic, broad iOS ATS exceptions, risky WebView settings, sensitive Android permissions, and mobile API endpoint exposure. APK/IPA reverse engineering stays a separate paid or specialist path.
Is vulnerability scanning included?
Yes. AbyssGuard includes automated vulnerability scanning with built-in rules and optional open-source scanners for SAST, SCA/dependencies, secrets, IaC, containers, SBOM, passive live URL checks, Nuclei, OWASP ZAP, and AI-generated-code guardrails when explicitly authorized. It is not marketed as a penetration test or certification.
Can I upgrade or downgrade anytime?
Yes. Upgrade instantly and your current month's plan allowance carries over. Downgrade at the end of your billing cycle. Yearly plans can switch to monthly after the year ends.
What happens if I cancel my subscription?
Monitoring stops — your repository keeps changing and we stop watching it. Historical reports remain accessible for their retention period, but scheduled scans and scan-on-commit stop. Most builders stay on because AI-generated code keeps accumulating.
Do you store my source code?
No. Your source code is treated as temporary scan input — we analyze it, extract findings, and discard the source. AbyssGuard stores only the normalized report data (file paths, severity, finding descriptions) so you can review results without turning your codebase into our database.
Is this a replacement for penetration testing?
No. AbyssGuard is automated vulnerability scanning and static/source analysis with deterministic rules and optional open-source tools. It catches known dangerous patterns in AI-generated and human-written code. Penetration testing involves active exploitation and remains a separate, explicitly authorized service. Use AbyssGuard for continuous monitoring, pen tests for final validation.
Why is Builder the most popular plan?
Builder covers 5 repositories with scheduled deep reviews, implementation-ready repair packets, targeted verification rescans, and the included PR-check model. Most serious builders maintain several active projects and need the weekly monitoring rhythm that Starter can't provide.