Your Rules.
Your Intelligence.
Your Compliance.

Define custom compliance policies and harness GitHub Copilot AI to secure your entire GitHub organization — from a single command.

128 Tests · 6 Detection Types · GitHub Copilot SDK · Zero Install Required
Terminal
$ npx @sdh100shaun/hubhelper analyze \
    --org acme-corp --html report.html
Fetching 45 repositories…
Analyzing 123 pull requests…
Running compliance checks…
Generating AI insights…
⚠ Found 12 issues:
  2 critical
  3 high
  5 medium
  2 low
Saved report.html
{
"domains": [
"acme.com",
"partner.io"
],
"exactEmails": [
"contractor@external.dev"
]
}
Bring Your Own Policy

Your Organization's Rules, as Well as Others

Store a single JSON file in a repository you control. HubHelper reads it at runtime — no forks, no source changes, no vendor lock-in. Update your policy and the next scan picks it up automatically.

  • Approved email domains or exact addresses
  • Full-name enforcement for all org members
  • Contractor exceptions per individual address
  • Zero hardcoded rules in HubHelper itself
.hubhelper/approved-emails.json (Policy Repo)
GitHubFetcher (Fetch Config)
ComplianceChecker (Check Members)
ComplianceResult (Report Violations)
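
One way to evaluate members against a policy file of this shape, as an added example rather than HubHelper's own code. The member objects, violation codes, case-insensitive matching, whole-domain comparison and the two-part full-name rule are assumptions.

```javascript
// Added example, not HubHelper source; matching rules below are assumptions.
// Policy in the shape shown on this page (.hubhelper/approved-emails.json).
const policy = {
  domains: ["acme.com", "partner.io"],
  exactEmails: ["contractor@external.dev"],
};
// Normalise once so lookups are case-insensitive.
const norm = (s) => String(s || "").trim().toLowerCase();
const compilePolicy = (p) => ({
  domains: new Set((p.domains || []).map(norm)),
  exactEmails: new Set((p.exactEmails || []).map(norm)),
});

// Returns violation codes for one member ({ login, name, email }).
function checkMember(member, rules) {
  const violations = [];
  const email = norm(member.email);
  const at = email.lastIndexOf("@");
  if (!email) {
    violations.push("email-missing");
  } else if (at <= 0 || at !== email.indexOf("@") || at === email.length - 1) {
    violations.push("email-malformed");
  } else if (!rules.exactEmails.has(email) && !rules.domains.has(email.slice(at + 1))) {
    // Whole-domain equality: a substring or suffix test would wrongly
    // accept "acme.com.example.net" or "notacme.com".
    violations.push("email-not-approved");
  }
  // Assumed full-name rule: at least two whitespace-separated parts.
  const nameParts = norm(member.name).split(/\s+/).filter(Boolean);
  if (nameParts.length < 2) violations.push("full-name-missing");
  return violations;
}

// Constructed sample members, not real accounts.
const members = [
  { login: "alice", name: "Alice Ng", email: "alice@acme.com" },
  { login: "bob", name: "Bob Roy", email: "Contractor@External.dev" },
  { login: "carol", name: "Carol Diaz", email: "carol@acme.com.example.net" },
  { login: "dave", name: "dave", email: "dave@notacme.com" },
  { login: "erin", name: "Erin Holt", email: null },
];

// Keep only members with at least one violation.
function audit(list, p) {
  const rules = compilePolicy(p);
  const rows = list.map((m) => ({ login: m.login, violations: checkMember(m, rules) }));
  return rows.filter((r) => r.violations.length > 0);
}
console.log(JSON.stringify(audit(members, policy), null, 2));
```

Comparing the whole domain against the approved set is what keeps look-alike domains such as `acme.com.example.net` from passing as `acme.com`.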
GitHub Copilot AI

Intelligence That Understands Context

GitHub Copilot SDK powers insights that don't just find problems — they explain them. Get pattern analysis, risk scoring, and prioritised recommendations in plain language.

  • Pattern detection across all repositories
  • Risk level scoring: critical → low
  • Self-merge trend analysis
  • Actionable, prioritised recommendations
hubhelper analyze --org acme-corp
════════════════════════════════════════════════════════════════
GitHub Organization Security Analysis
════════════════════════════════════════════════════════════════
🤖 AI-Powered Insights:
=== Security Analysis Insights ===
📊 Issue Detection Rate: 9.8% of PRs flagged
⚠️ Self-Merge Rate: 6.5% (8/123 PRs)
🚨 3 security PRs merged without review
⚙️ Actions disabled: 11.1% of repos (5/45)
🔰 Risk Assessment: Critical Risk
💡 Recommended Actions:
1. [URGENT] Address 3 unreviewed security PRs immediately
2. [URGENT] Implement mandatory review for security changes
3. Enable branch protection rules across all repos
4. Re-enable GitHub Actions on 5 repositories
How It Works

Data Flow in 5 Steps

1. GitHub API (Source)
2. GitHubFetcher (Fetch)
3. SecurityAnalyzer (Detect)
4. AIAnalyzer (Analyse)
5. Reporters (Output)
Policy Repo feeds into GitHubFetcher · Copilot SDK powers AIAnalyzer
Everything You Need

Built for Your Best Practice

From custom compliance policies to AI-powered analysis, HubHelper gives your team the visibility it needs without adding friction.

Bring Your Own Policy

Define compliance rules in a JSON file you own. Set approved email domains, enforce full-name requirements, and add contractor exceptions — all without touching HubHelper source code.

Copilot AI Insights

GitHub Copilot SDK powers pattern analysis, risk scoring, and contextual recommendations that explain issues rather than just listing them.

Comprehensive Detection

Surfaces self-merges, unreviewed security PRs, disabled GitHub Actions, paused workflows, and more across every repository in your org.

Multiple Output Formats

Coloured terminal output for daily checks, JSON for automation pipelines, and styled HTML reports for sharing with stakeholders.

Security First

XSS protection in HTML reports, path traversal prevention, input validation, and Content Security Policy headers — built in from day one.

Zero-Install Usage

Run with a single npx command. No global install required. Works with Node.js 18 through 24+. First scan in under 60 seconds.

Get Started

Up and Running in 60 Seconds

1. Create a GitHub Token

Generate a fine-grained personal access token with read access to your organization's repos, pull requests, and Actions.

2. Define Your Policy

Create .hubhelper/approved-emails.json in a repository you control. List approved domains and any individual exceptions.

3. Run Your First Scan

npx @sdh100shaun/hubhelper analyze --org your-org --html report.html

Review the AI-powered HTML report in your browser.


Start Securing Your Organization Today

Bring your own compliance policy, let Copilot AI surface the risks, and ship with confidence.