Security at SnippetGraph

SnippetGraph is intended to sit between your authoring workflow and your chosen destination, with clear user-initiated actions and no hidden redistribution of content.

The goal is straightforward: help teams move knowledge safely while preserving the integrity of the content they authored.

We only forward content to GitHub or another configured destination as-is. We do not silently rewrite, mutate, or repurpose the material you send through the product.

That keeps review, diff inspection, and downstream approvals aligned with what your team intended to publish.

Access to publishing actions should remain with the users and teams operating the workspace. You choose when to connect systems, when to use them, and when to remove a workspace entirely.

If a workspace is no longer needed, you can delete it and stop using SnippetGraph for that body of work.

GitHub and any other configured destinations are separate services. Once content is delivered there, their own repository permissions, retention, audit trails, and security settings apply.

Teams should review destination-level security controls as part of their full deployment process.

We aim to keep the security posture simple and understandable:

• Only move content when a user chooses to publish it.
• Preserve the content being sent to its destination.
• Avoid retaining user data beyond what is needed to support the requested workflow.
• Keep deletion and workspace lifecycle under user control.
• Rely on destination-side review systems such as pull requests for final approval.