Why We Don't Run Your Code

Michael Lubas, 2025-09-05

A recent blog post from Kudelski Security opens strongly with “how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we could have accessed their PostgreSQL database, and how we obtained read and write access to 1 million code repositories, including private ones”. The summary is:

  1. Code Rabbit is an AI code review startup.
  2. It works by running open source linters over the customer code then applying AI.
  3. These tools run on CodeRabbit's infrastructure, which must be heavily sandboxed to prevent an attacker gaining access to customer data.

You have likely guessed: there was no sandbox, and the researchers were able to gain access to a GitHub API key for the 1 million code repositories the CodeRabbit GitHub App has permission to access. To CodeRabbit’s credit they did acknowledge the report and quickly fixed the issue.

Running customer code on your infrastructure is not necessarily a problem if you know what you’re doing. All the major cloud providers allow you to run your code on their servers. The key point is they have very strong mitigations in place to prevent a malicious neighbor virtual machine from reading your OS memory. Running untrusted customer code on your own infrastructure without a sandbox is a security 101 failure.

Paraxial.io is intentionally designed so that the above vulnerability is not possible. This is not to say we claim some magic ability to write code that will never have security problems. In fact, the mark of an intelligent programmer is understanding the inherent risk of running customer-supplied code on your infrastructure and then deciding not to do that. When you run Paraxial.io on your code, that scan executes on a computer you control, for example a web server, CI/CD pipeline, or your local development machine.

  1. Paraxial.io does not copy your private source code to a server we control for security analysis.
  2. Paraxial.io does not store a copy of your source code on our servers.
  3. If you are using Paraxial.io, your data is never sent to AI companies for training. Any data you share with us stays private.
  4. The Paraxial.io GitHub App does not have read access to your private repository source code. It only has read access to repository metadata, read/write on pull requests, and read access to public user data.

Every working security engineer has a story about a new security control that checked a compliance box while massively increasing real risk to the organization. You technically check the SAST box with a VC backed startup that requires a copy of all your source code so that it can be run in an environment with no sandboxing.

Before trusting any vendor with your codebase, ask them:

  1. Do you store a copy of my source code on your servers?
  2. What level of access does your GitHub App require to my repositories?
  3. Do you execute my code as part of your analysis process?
  4. If you run customer code, what sandboxing and isolation controls are in place?
  5. Where does my code go if you use AI for analysis? Who trains on it?

Vendors who truly care about security will have strong, clear answers for each question.

Paraxial.io stops data breaches by helping developers ship secure applications. Get a demo or start for free.

Subscribe to stay up to date on new posts.