Portfolio · confidential · pilot
A confidential GitHub Actions check for every portfolio company — without centralizing their source code.
Each company runs the scanner locally and shares only a sanitized summary. You receive an aggregate report; company-level results stay private unless a company opts in.
Built for
VC platform teams · PE operating partners · Startup accelerators · Software agencies · Fractional CTO / CISO firms · Compliance & pentest consultancies
How the pilot works
1. We set up your partner space
You get an invite link for your companies and a private aggregate-report link for you.
2. Each company scans locally
Companies run the scanner in their own environment and submit only a sanitized summary (counts). Their source never leaves their machine, and never reaches you or us.
3. You get an aggregate report
Participation, repository-count bands, and aggregate maintenance categories across the portfolio. Company-level results stay private unless that company opts in.
TaskBounty is the scanner and review provider. This is a maintenance check, not a certification, insurance, or regulatory-compliance attestation.