LumioGuard watches your code and live services, catches problems before your users feel them, and readies the fixes.
One scan reads your code, then your live stack: Supabase advisors and error logs, Vercel deploy health, Neon consumption, GitHub security alerts. Over 240 checks, each mapped to a failure you'd recognize — outage, breach, surprise bill, broken deploy.
When production drifts — errors climbing, latency past its budget — a finding opens on its own, scrubbed of anything personal at the edge. And it never arrives empty-handed: a step-by-step guide, ready-to-run SQL, or a reviewable pull request when the fix is safe to automate.
Low-risk fixes arrive as pull requests on a stackguard/fix/* branch — never your default branch, never a silent write. Database fixes are reversible SQL you run yourself; riskier changes come as drafts or guides. Every fix carries a breakage analysis. You merge in-app.
The moment a fix lands, a two-hour watch opens on production — first check two minutes in. Every check compares the new deploy against the last one: healthy, failing, or needs attention. One bad reading never fails a deploy — and if the watch ends badly, the finding flips to needs attention instead of counting as fixed.
Apply a fix and a re-scan confirms the finding is actually gone before it counts — a code-only scan can't "confirm" a database fix. And every finding is fingerprinted: if a resolved issue ever creeps back, it reopens itself.
Something new turns up, the alert goes out — email or signed webhook, filtered by the severity threshold you set. Quiet hours hold the noise; a daily digest rolls up the rest. And three shareable reports are one click away.
Every scan rates six pillars from 0 to 100, and your stack health score is the mean of the six. No green-light theater: each number is backed by specific checks and the code or service config that triggered them. And one critical flips the verdict to "Needs attention," no matter how good the average looks.
Is your data and access safe? Catches RLS turned off, RLS on with no policies, service-role keys shipped to the client, and long-lived auth OTPs — before real users hit them.
Will it scale under load? Flags missing foreign-key indexes, large sequential scans on growing tables, and a disabled connection pooler — the query shapes that get slower with every tenant you add.
Is spend under control? Surfaces no spend cap set, scale-to-zero left disabled, and consumption patterns that turn a busy day into a surprise invoice — named before the statement lands.
Pipeline and release safety. Checks for unprotected preview deploys, fork builds running with secrets, and an end-of-life Node runtime — the release gaps that ship straight to production.
Errors, logging, and recovery. Watches for production errors or stale deploys, a firewall left disabled or log-only, and missing statement timeouts that let one slow query stall the rest.
Tests and code quality. Reads GitHub secret-scanning, Dependabot, and code-scanning alerts plus branch-protection posture — so the safeguards you think are on are actually on.
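The data-and-access and scale-under-load pillars above name three conditions that live entirely in the database catalogs: RLS switched off, RLS on with no policies, and foreign keys with no covering index. The queries below are an added illustration, not LumioGuard's own check code, of how each can be found in a Postgres database such as Supabase or Neon from pg_catalog alone, the kind of read the deep scan is described as making. The one assumption is that application tables live in the `public` schema; they touch no customer rows.

```sql
-- Added example, not LumioGuard's check code. Finds the RLS and FK-index gaps
-- named above from pg_catalog alone; assumes app tables live in schema public.

-- 1. Tables with row-level security switched off: any role holding table
--    grants reads every tenant's rows.
SELECT n.nspname AS schema_name, c.relname AS table_name
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE c.relkind IN ('r', 'p')          -- ordinary and partitioned tables
  AND n.nspname = 'public'
  AND NOT c.relrowsecurity
ORDER BY 1, 2;

-- 2. Tables with RLS enabled but no policy at all. Postgres then denies every
--    row to non-owner roles, so the app only "works" through the owner or a
--    BYPASSRLS role (Supabase's service_role is one), never through a
--    user-scoped session. relforcerowsecurity shows whether the owner is held
--    to RLS as well.
SELECT n.nspname AS schema_name, c.relname AS table_name,
       c.relforcerowsecurity AS owner_also_restricted
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE c.relkind IN ('r', 'p')
  AND n.nspname = 'public'
  AND c.relrowsecurity
  AND NOT EXISTS (SELECT 1 FROM pg_policy p WHERE p.polrelid = c.oid)
ORDER BY 1, 2;

-- 3. Foreign keys whose referencing columns are not the leading columns of
--    any index: each delete or key update on the parent scans the child table.
--    indkey is an int2vector (0-based), so the slice takes the first n columns.
SELECT con.conrelid::regclass  AS child_table,
       con.conname             AS constraint_name,
       con.confrelid::regclass AS parent_table,
       string_agg(a.attname, ', ' ORDER BY k.n) AS fk_columns
FROM pg_constraint con
CROSS JOIN LATERAL unnest(con.conkey) WITH ORDINALITY AS k(attnum, n)
JOIN pg_attribute a ON a.attrelid = con.conrelid AND a.attnum = k.attnum
WHERE con.contype = 'f'
  AND NOT EXISTS (
        SELECT 1
        FROM pg_index i
        WHERE i.indrelid = con.conrelid
          AND (i.indkey::smallint[])[0:cardinality(con.conkey) - 1] @> con.conkey
      )
GROUP BY con.conrelid, con.conname, con.confrelid
ORDER BY 1, 2;
```

Run these as a role that can read pg_catalog. A table returned by query 2 is not "safe by default": it is unusable from user sessions and silently pushes developers toward the service-role key, which is exactly the key the security pillar flags when it reaches the client.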
Connect read-only, run a scan in an isolated sandbox, read findings backed by your own code and services, and merge the fixes you approve — then it keeps watching. Four steps, no agent loose in your repo.
Four connectors are live today, all read-only. GitHub gives the repo plus secret-scanning, Dependabot, and code-scanning alerts; Supabase, Neon, and Vercel read schema, config, and stats — never your rows. Connect what you use; LumioGuard only ever reads what each scope allows.
Tenant isolation, encrypted secrets, a tamper-evident audit trail, and throwaway sandboxes aren't add-ons — they're the floor everything else stands on.
Start free, scale when you're ready. Every plan is read-only and every fix is yours to review. No card, no contract, no setup fees — nothing to uninstall but a connection.
For your first project and a look around.
For solopreneurs and freelancers shipping for real.
For small teams launching on a schedule.
For agencies shipping client apps at scale.
Enterprise. Need SSO, custom rules, audit-log export, or a private deployment? Enterprise is custom-priced and shaped around how your team ships. Talk to us.
A linter reads your code. A dashboard advisor reads your database. Neither scores your whole stack's health, keeps watching it, or fixes what it finds.
| | LumioGuard | Generic linters & dashboard advisors | Doing it manually |
|---|---|---|---|
| Checks tenant isolation (RLS) is real | proven | code only | if you remember |
| Catches secrets leaked to the client | flagged | partial | rarely |
| Reads your code in context, not just patterns | AI agent | regex / rules only | n/a |
| Ships a breakage analysis with each fix | with every fix | no | you guess |
| Opens reviewable fix PRs | safe-pr | no | by hand |
| One stack health score across the stack | 0–100 | no | no |
| Runs in an isolated, no-retention sandbox | ephemeral | n/a | n/a |
Straight answers on access, retention, breakage, and what actually gets checked.
No writes, ever, without your approval. Service connections use read-only scopes, and the optional deep scan only reads system catalogs and pg_stat — never your customers' rows. Fixes come back as pull requests you review and merge yourself.
No. Each scan runs in a fresh, single-tenant sandbox that reaches the outside world through one controlled path only — the path that carries the reads the scan needs and the findings it sends back. It runs the checks, then the sandbox is thrown away. Nothing about your repo is retained between scans.
Every fix comes with a breakage analysis, and fixes are classified by risk: safe ones become reviewable PRs on a stackguard/fix/* branch, riskier ones come as a draft or a step-by-step guide. You approve and merge in-app, never on your default branch, and a re-scan confirms the issue is actually gone before it counts as fixed.
A couple of minutes. Install the read-only GitHub App and connect Supabase, Neon, or Vercel with OAuth — then run your first scan when you're ready. Connecting alone never kicks one off, and you don't have to wire up CI or change how you deploy.
8 rule packs and over 240 checks across six pillars — security, performance, cost, deployment, reliability, and engineering. That includes RLS gaps, service-role keys in client bundles, missing FK indexes, no spend cap, unprotected preview deploys, and GitHub secret-scanning alerts — each with the evidence attached. The checks are run by a Claude Code agent that reads your code in context, not a fixed set of regexes.
Connector tokens are AES-256-GCM envelope-encrypted, every workspace is isolated at the database with fail-closed row-level security, and every action is written to a tamper-evident audit log. You can revoke any connection at any time.
Yes. LumioGuard is free during private beta, and the Free plan stays free for one project after that — a weekly GitHub-only scan with a basic report. No card to begin.
Today LumioGuard scans the code those tools produce, whatever editor you used. CI/CD checks are already live — the posture and checks page is in the app, with PR pass/fail verdicts rolling out. A published MCP server that plugs directly into Cursor and Claude Code, Slack alerts, and in-app Copilot Q&A are still on the way.
No. Your stack keeps moving as you ship, so LumioGuard keeps watching: re-scan on a schedule, alerts the day a new critical appears, and a health trend on the timeline. Launch readiness is one report among three — the go/no-go you can pull when you need it — not the whole point.
No. LumioGuard is a second pair of eyes that never sleeps — it catches the stack-health gaps a busy team misses, then hands you the fix. Every change is a pull request a human reviews and merges; it never writes to your code on its own.
The code-only scan works on any GitHub repository, whatever you built it with — so you get findings and fixes from day one. The deeper service checks cover Supabase, Neon, and Vercel today, with more connectors on the way. Connect only what you use; everything else still gets the code scan.
You won't be charged during the beta. Before any pricing starts, we'll give you notice — no surprise bills. And the Free tier stays free for one project.
Connect a project in a couple of minutes, read-only, and get your first stack health score with the evidence attached — and it keeps watching after. Free while we're in private beta.