Ship-Safe gate · 7 of 7

The envelope maps.

Three read-only maps of what the app actually exposes: routes, integrations, scheduled jobs. Not a check that fails. A picture you should see.

WARNSreport label: Overview — what your app has (read-only)

What the check reads

Three read-only scans of the repo, run together. The API surface map finds every route handler under app/api, reads which HTTP methods it exports, and checks the handler body for signs it authenticates its caller, with comments stripped first so commented-out auth never counts; a route that writes without any recognizable gate is flagged. The agents and integrations map walks the app tree for known service hosts and SDK imports, names each integration and the env key behind it, and flags a secret env var read inside a client component, where it would ship in the browser bundle. The schedules and jobs map reads the crons declared in vercel.json plus the cron route handlers, and flags a job with no shared-secret check as publicly triggerable, and a schedule with no handler behind it as broken.

Why AI-built code ships this

An agent can wire up a write endpoint, a third-party call and a scheduled job in one afternoon and mention none of them. The person who owns the app ends up not knowing what it exposes: which routes mutate data, which keys back which calls, what runs unattended overnight. The maps exist so the owner sees the whole envelope, not just the diff of the day.

Why it warns

Warns, never blocks. A surprising map is information to act on, not proof of a defect: some public mutating routes are legitimate, a rate-limited contact endpoint for example. The safety checks own the NO-GO; the maps hand a person the full picture plus the specific lines worth an eyeball.

In the proof record

Three summary lines with real counts, one per map, plus the flagged items and the full route, integration and schedule listings underneath.

✓ API surface map — 27 route(s) · 21 look gated (session or cron secret) · 14 mutate (write) · 0 mutate without any obvious gate.
⚠ Agents & integrations map — 4 integration(s) detected (incl. an MCP server).
✓ Schedules & jobs map — 2 job(s) · 2 scheduled in vercel.json · 0 ungated · 0 cron route(s) not wired to a schedule.

Honest limits

Heuristics over source text, not a proof. An auth wrapper the scanner does not recognize reads as ungated, an unusual fetch pattern can hide an integration, and anything outside the repo, a gateway or a platform rule, is invisible to it. Treat a clean map as a good sign and a flagged line as a place to look, never as a security verdict.

Want every change gated like this before it ships?

The same gate runs in every engagement, and each piece of work ends on a plain go or no-go, in writing. The gate itself is open source, so you can read exactly what we run.

Book a call →Run the gate yourself

The other 6 gates

Dirty-tree guardSecret scanTracked .env fileTypecheckProduction buildSchema-bump check

The whole method, from the controlled zone to the proof record: the methodology.