Skip to main content

Integration · Source control

On roadmap — not yet shipped

ClarityLift + GitHub

GitHub PR-comment and discussion signals for engineering team friction and communication health. Roadmap — not yet shipped.

Signals derived from GitHub

Engineering team friction (review tone, blocked PRs)

Communication health (review participation, response times)

Silence (PR review queue stall)

OAuth scopes ClarityLift requests

Every scope below has a documented purpose tied to a specific step in the data flow. ClarityLift never requests scopes it does not use.

repo: pull_request: read

Read PR metadata and comments

repo: discussion: read

Read discussion threads (where enabled)

org: read

List organization repositories

org: members: read

Resolve members for the consent gate

Data flow, end to end

  1. 1Org admin installs the ClarityLift GitHub App at the org level.
  2. 2Admin selects which repositories to connect (default: none).
  3. 3GitHub delivers PR-comment and discussion events via webhook.
  4. 4Classifier processes review-thread tone and surfaces aggregate friction signals at the team level.
  5. 5Code content itself is never ingested — only the comment/discussion text.

What ClarityLift does NOT read on GitHub

The privacy posture is led by what is excluded, not what is included.

  • Direct messages between individuals — never read, ever.
  • Group DMs — out of scope by design.
  • Channel content from teams below the 10-member group floor.
  • Personal account content of any kind.
  • Source code — never ingested.
  • Issue body content from private bug reports.
  • Repositories not explicitly connected.
  • GitHub user profile data beyond org membership.

Retention

No comment text is persisted. Aggregate signals only. PR-id metadata is stored for dedup.

Privacy considerations specific to GitHub

  • GitHub Apps follow least-privilege scoping — ClarityLift never requests `repo` (full read), only the granular `pull_requests` and `discussions` permissions.
  • Public repositories: technically all PR comments are public, but ClarityLift treats them with the same group-floor and consent posture as private channels.
  • Open-source projects with external contributors: external commenters do not enroll in the consent flow; their comments are dropped at the consent gate the same way unknown senders are.

What the customer does at install time

  1. 1.Org admin installs the GitHub App.
  2. 2.Admin selects repositories to connect.
  3. 3.Admin maps repositories to internal teams.

Other integrations

Jira

Issue tracking

Slack

Team messaging

See all integrations →

GitHub is on the roadmap — start with Slack or Teams today.

Get Early AccessRead the privacy architecture