Code governance for the AI era
Define your standards in plain-language context files. PRGuard audits every diff against them, catches the violations, and opens a PR with the fix.
01 · What you get
Runs on pull requests, pushes, or both — posting status checks, inline comments, and developer-approved fix PRs
Pick Anthropic or Google Gemini for your organisation, tuning review depth against cost on every audit
Reviews and fixes are grounded in your real code and the governance rules you define in PRGuard
Your Markdown rules are applied the same way to every commit and PR, across repos and teams
Each finding is traced end to end — from first flag, to fix PR, to the re-audit that closes it
02 · See it run
Your whole team — not just engineers — defines the standards, in one shared place. PRGuard checks every PR and push against them, shows the violations, and proposes fixes you approve before merge — with a full audit trail of every decision.
Scenario: A developer opens a PR to add Stripe payments — and PRGuard checks it against the team’s standards, line by line.
This pull request introduces multiple critical security and compliance issues, plus a few quality warnings.
Overview
The diff adds a Stripe webhook handler in billing/webhooks.py, wiring payment events directly into the API view layer. The code processes events without verifying the signature, logs the full card number, and writes to the database outside the service layer — with reliability and test-coverage gaps on top.
Key Findings
billing/webhooks.py: unverified Stripe signature, full PAN written to logs, a raw exception leaked in the 400 response, a direct DB write bypassing the service layer, and no idempotency guard — risking double charges.billing/webhooks.py: no customer payment-confirmation email, and zero test coverage on the new payment path.Recommendations
Stripe-Signature header with stripe.Webhook.construct_event(...) before processing.PaymentService.record_charge(event) — no direct ORM calls from the view.ProcessedEvent.objects.get_or_create(stripe_id=event.id).notify_customer_payment(charge).| Service layer violation Architect | Direct database write bypasses the service layer. All mutations must go through PaymentService. |
||
| Webhook signature not verified Security | Stripe payload processed without verifying the Stripe-Signature header. Any caller can trigger payment events. |
||
| Full PAN written to logs Compliance | Full card number (PAN) written to logs in plain text. PCI-DSS v4.0 requires the PAN to be unreadable anywhere it is stored — including application logs. | ||
| Raw exception in 400 response AppSec | Exception message returned verbatim in the HTTP 400 body — leaks internal stack details to potential attackers. | ||
| No idempotency key SRE | No duplicate event check. Stripe retries on timeout — without idempotency this will double-charge customers. | ||
| Payment confirmation not sent Product | Charge recorded but no receipt email dispatched. Per spec, every successful payment must trigger a confirmation. | ||
| No test coverage QA | 0% test coverage on this file. Team standard requires tests for all payment code paths before merge. |
03 · Why a governance layer
AI writes more of your codebase every week. Bolting on a tool that leaves review comments is easy. The hard part is governing what ships: enforcing your standards the same way every time, screening for risk, keeping a human in control, and proving what happened.
Your rules are applied identically to every pull request and push. Leave it in comment-only mode, or turn it into a merge gate that blocks on a failure — your call, per repository.
Before any audit runs, a gatekeeper screens every change for prompt-injection attempts — instructions hidden in a diff trying to manipulate the reviewer.
Every finding, decision, and fix is recorded with a governance score and full history — an audit trail you can show an auditor rather than a comment in a thread that scrolls away.
Plenty of tools will review your pull requests. A governance layer answers the question a reviewer can’t: can you prove your standards were enforced — and who decided what?
04 · Governance
PRGuard enforces your team’s standards on every pull request — or every push, your choice — flagging or blocking what doesn’t comply and proposing fixes your team approves. Every finding and decision is logged, so you keep a full audit trail and stay in control of what ships.
Global Engineering Consistency
Your team in London and your team in Tokyo follow the same architectural rules — enforced automatically, on every change, around the clock.
Hierarchical Enforcement
Standardise rules across your entire organisation with global blocks, or allow repository-specific overrides. Tiered governance that scales with your business.
Usage-Linked Scaling
Transparent, credit-based pricing that aligns with your engineering output. Clear team and repository allocations support most project scenarios.
Every Decision, Logged
A complete, attributable record of what PRGuard found, flagged, and fixed — ready for your SOC 2 and PCI-DSS reviews, with clear visibility into your LLM usage and spend.
AI cost optimisation
Already running premium AI reviewers or coding agents on every PR? Put PRGuard in front as a fast first pass, so they only spend tokens on changes that already clear your standards — never on code that was never going to merge.
Both run on your own engineering standards.
05 · AI-Assisted Remediation
Not every finding can be auto-fixed — and PRGuard never pretends otherwise.
For the ones where the AI is confident, you get the option — approve it, and PRGuard writes the patch.
The finding is flagged at the exact file and line, with the matching rule, severity, and a suggested fix.
Webhook signature not verified
billing/webhooks.py · line 14 · Security
By default the patch lands as a reviewable PR on a dedicated prguard/fix-* branch — or, if you prefer, a direct commit to a branch you choose. The delivery mode is yours to set.
fix: verify webhook signature before processing
Open · prguard/fix-webhook-signature · prguard-dev-app[bot]
PRGuard runs another audit on the fix branch. The finding is closed — you merge with confidence.
PRGuard / audit — passing
0 errors · 0 warnings · All findings resolved
@csrf_exemptdef stripe_webhook(request): # Stripe POSTs a signed event on every billing change payload = request.body # no signature check — anyone can POST a forged event event = json.loads(payload) # Hand the event to the right service if event["type"] == "invoice.paid": handle_payment(event["data"]["object"]) return HttpResponse(status=200)
@csrf_exemptdef stripe_webhook(request): # Stripe POSTs a signed event on every billing change payload = request.body sig = request.headers.get("Stripe-Signature") # construct_event() verifies the signature, raising on a bad one try: event = stripe.Webhook.construct_event( payload, sig, settings.STRIPE_WEBHOOK_SECRET ) except stripe.error.SignatureVerificationError: return HttpResponse(status=400) # Hand the event to the right service if event["type"] == "invoice.paid": handle_payment(event["data"]["object"]) return HttpResponse(status=200)
Batch remediation
Select several findings on a file and PRGuard resolves them in a single pull request — applying each fix in sequence, re-checking it against the file as it changes so they never clash, then re-auditing the batch to confirm the file's governance score improved, never regressed.
Automatic escalation
When your primary model can't produce a clean patch, PRGuard automatically retries once with an escalation model you nominate — even one from a different provider. One more attempt, on your terms, before it reports back instead of forcing anything.
06 · Context Studio
Define governance rules in plain Markdown — no special syntax, no config files.
Start from industry templates or write your own.
Context Studio
Manage the context files that define how your AI agents think and behave.
Architect
Security
Compliance
AppSec
SRE
Product
QA
SysAdmin
OWASP Top 10 Security Review
You MUST review every pull request for the following OWASP Top 10 risks:
Injection
Flag SQL, NoSQL, OS, or LDAP injection. Require parameterised queries.
Broken Authentication
Reject hardcoded credentials, weak session management, or missing MFA enforcement.
Sensitive Data Exposure
Ensure secrets, tokens, and PII are never committed. Require encryption at rest and in transit.
Broken Access Control
Verify authorisation checks on every endpoint. No direct object references without ownership validation.
Cross-Site Scripting (XSS)
Require output encoding. Flag innerHTML or dangerouslySetInnerHTML without sanitisation.
Insecure Deserialisation
Flag pickle.loads, yaml.load, or unserialize on untrusted input.
You NEVER approve a PR that introduces any of these risks without a documented mitigation plan.
Deep-Context Retrieval
When a rule points at a file with @ref:, PRGuard fetches it at the PR’s commit and condenses it to a compact skeleton — its public API, types, key patterns, and any invariants documented in the code, not the whole file. That skeleton goes into the audit, so the AI reasons against your actual interfaces — and the fixes it proposes call them correctly — at a fraction of the token cost.
sre/idempotency.md
All Stripe events must flow through the canonical dispatcher — @ref:billing/webhook_dispatcher.py
# condensed to its public surfaceclass WebhookDispatcher: def dispatch(event: StripeEvent) -> None def register(kind: str, handler: Handler) seen_event_ids: set[str]
07 · Roles
Whether you're shipping code, securing it, or accountable for it — PRGuard fits your workflow.
Get fast, automated feedback on every change — PR or push. Catch architectural drift the moment it's introduced, and spend less time waiting on review.
Scale your technical vision. Define your patterns in plain Markdown and have them enforced consistently across every repository — automatically.
Enforce OWASP standards and catch hardcoded secrets on every PR and push. Keep a detailed audit trail for your SOC 2 and PCI-DSS reviews.
Automatically enforce idempotency, error-handling patterns, and test coverage standards. Prevent unreliable code from reaching production before it becomes an incident.
Ensure every change respects core product flows and regulatory requirements. Transform complex compliance constraints into automated, enforceable safeguards.
Track governance scores and finding trends across every team from one dashboard — full visibility into code quality, compliance posture, and your AI spend.
08 · Workflow
Every audit produces structured, actionable findings — not just a wall of text. Assign them to teammates, copy the exact AI prompt, or pipe the remediation bundle straight into your toolchain.
Every failing audit produces structured findings with file path, line number, severity, and the context rule that triggered it — not a vague summary.
Webhook signature not verified
billing/webhooks.py:14 · signature-verification
Assign each finding straight from the audit report and set its priority and due date. It lands in their My Tasks inbox with the full context — file, line, the rule it broke, and the suggested fix — plus a comment thread to discuss it, a link to the related ticket, and status tracked from Open to Fixed.
Assigned to a teammate
P2 · due in 3 days
Every finding ships with a precise, copy-paste ready instruction for GitHub Copilot, Cursor, or any AI tool. No interpretation needed.
Edit billing/webhooks.py line 14: verify the Stripe-Signature header with stripe.Webhook.construct_event() before processing.
{
"schema": "prguard.remediation/v1",
"verdict": "FAIL",
"findings": [
{
"file": "billing/webhooks.py",
"line": 14,
"severity": "ERROR",
"rule": "signature-verification",
"suggestion": "Verify the Stripe-Signature before processing",
"ai_prompt": "Edit billing/webhooks.py line 14: verify the
Stripe-Signature header with
stripe.Webhook.construct_event() before processing",
"fix_kind": "patch"
}
]
}
09 · Safety & Control
AI-assisted fixes are a tool and not a takeover. The AI is screened for manipulation, a person triggers every change, and nothing lands without your say-so — these guardrails are baked in, not optional settings.
Before the AI reviews a single line, a gatekeeper pass screens every change for prompt-injection attempts — so malicious instructions hidden in a diff can’t hijack the audit.
Nothing is fixed automatically. A developer assigns each finding to the AI by hand — it only acts when a human on your team decides it should.
Auto-fix is enabled on every repository out of the box. An owner or admin can switch it off per repo at any time — your cost control. While it’s on, any developer can hand a finding to the AI, since they’re the one reviewing the result.
Fixes land as a reviewable pull request by default — you read the diff and merge on your terms. Prefer direct commits? That’s a setting you can choose.
If a patch can’t apply cleanly — the file moved, a conflict exists, or the diff is ambiguous — PRGuard skips that finding and reports it for human review. No force-push, no guesswork.
Every finding, decision, and fix is recorded and attributable — a complete audit trail you control and can hand straight to a reviewer.
10 · Pricing
You set what AI review costs, up front. Pick your plan and your model, and spending stops at your credit allowance unless you top up. Every token and credit is logged — no surprises, just the price you signed up for.
Platform access
Platform access
Platform access
Platform access
Custom deployment and migration support for large-scale engineering orgs.
Tell us a bit about your organisation and we’ll be in touch within one business day.
11 · FAQ
Everything you need to know before connecting your first repo.
[skip prguard] (or [skip ci]) to your PR title or commit message and PRGuard will bypass the audit entirely for that event.
prguard/… branch and opens a pull request for you to review and merge. You can opt in — via a confirmation step — to have a fix committed straight to your default branch instead, but that’s a deliberate choice you make each time; the default is always a pull request.
prguard pull <org-slug>).
Built and operated by Unifi Software Development Ltd, a software company registered in England & Wales, number 11054002. Security-first by design — every change is screened for prompt injection, your data stays scoped to your organisation, and every decision is captured in a complete audit trail.
Trusted by engineering teams