Repo review first
SDF is for teams that want AI-assisted delivery without handing away review, merge, or deployment control.
We first review whether your repo and workflow are suitable for SDF Front Door. If they are, we install the check-only front door and run one bounded governed change with your team.
You see the evidence, verification, risk notes, and PR reviewer surface before deciding what to merge or deploy.
The review is assisted and scope-agreed. It is not a self-serve scan, not hosted enforcement, and does not mutate your repository.
Review before install
The first step is suitability. If the repo fits, SDF helps install the check-only front door and run one governed change.
First step
Where suitable
Buyer journey
Share the repo, delivery context, and the kind of AI-assisted change you want to govern. The first job is suitability: whether this repo has enough review and verification surface for SDF Front Door to help.
SDF is not for every repo. If the repo is not suitable yet, the review names the blockers instead of pretending installation is the right next step.
Where the fit is good enough, SDF helps install the check-only front door so future work can carry intent, acceptance criteria, risk notes, verification evidence, and review boundaries.
The first change is useful enough to matter and bounded enough to review. It leaves governed evidence attached to the PR without claiming automatic approval, merge, deploy, repair, or production enforcement.
Your team keeps review, merge, and deployment authority. SDF makes the work easier to inspect; it does not decide what ships.
What we review — and what we do not
Sharing a public repo URL, screenshots, CI/review notes, manual context, or an access preference helps scope the review. It does not connect GitHub, clone a repo, start scanning, mutate code, enforce rules, start automatic execution, repair code, monitor activity, or make production changes.
The review can stop at blockers if the repo does not yet have enough review or verification surface.
What can be reviewed, what stays out of scope, and what evidence is available are agreed before work starts.
Early reviews stay assisted. Shared context is not a repo connection, hosted scan, or automation trigger.
V0 boundary
The review and first governed change are assisted, scope-agreed, and human-reviewed. V0 does not claim hosted scanning, hosted enforcement, automatic repair, automatic approval, automatic merge, automatic deploy, billing-grade cost, measured savings, or continuous monitoring. `automatic_execution_permitted: false` remains the boundary.
Evidence review
The review looks for delivery surfaces that can support governed agentic work: visible review paths, verification evidence, ownership boundaries, and enough context to make one bounded change reviewable.
It is evidence-backed, assisted, and human/operator-reviewed. It is not a deep codebase scan, security certification, legal review, or automated analysis product.
The question is simple: can SDF Front Door make this repo's next AI-assisted change easier to inspect without taking control away from the team?
Whether the repo has visible verification surfaces that can support governed delivery.
How work reaches review, who approves it, and where review expectations are visible.
Run logs, PR evidence, acceptance criteria, and traceable delivery notes where they exist.
Signals for ownership, release confidence, and customer-owned approval boundaries.
Product rules, commercial commitments, operational ownership, permissions, provider coupling, persistence, and approval authority that may need explicit human review.
How AI-assisted work is already entering the delivery process and where governance gaps appear.
Assessment output
You walk away with an installed check-only Front Door where suitable, plus one governed PR that shows intent, risk, verification, boundaries, and review evidence attached to real work.
The current cloud-agent proof supports the reviewer surface: SDF can attach governed evidence to agent-generated work, check whether the PR exposes that evidence, and, with explicit permission, remediate a PR description from the governed record. That supports reviewer confidence; it does not claim code correctness or automatic merge.
What stays visible
The public site describes the buyer journey without exposing private customer reports, internal templates, or full operating playbooks.
Customer delivery stays private and review-gated.
Front Door install + first governed change
Where the repo appears to stand for governed agentic delivery.
The delivery signals, review surfaces, and evidence trails that support the finding.
Gaps that need attention before governed AI-assisted delivery can be trusted.
The reviewed route to install the check-only workflow where the repo is suitable.
Where AI usage, review burden, rework risk, verification effort, and evidence gaps may create hidden operating cost.
What is still uncertain, out of scope, or not claimed.
The safe bounded change to run first, with the PR reviewer surface checked against the evidence where the evidence supports it.
After the report
Recommended first change
SDF Front Door is check-only and review-gated. It makes evidence easier to see; it does not automatically remediate, approve, merge, deploy, enforce, or make production changes.
The first governed PR can be a real change the team already has lined up: a bounded feature, fix, refactor, dependency update, documentation boundary, or workflow improvement. Evidence depth scales with risk, but the human review gate stays fixed.
Want to see the end-to-end proof? Watch the controlled demo walkthrough.
Next step
See whether your repo is suitable for SDF Front Door.
Tell us what you are trying to govern with AI-assisted delivery. We will review fit first, then install SDF Front Door and run one governed change where suitable.
