ENTERPRISE ADD-ON · PRIVATE EARLY ACCESS

AI code review that never holds your code.

Just-in-Time Code Access removes ADO Pilot's standing access entirely — no stored PAT, no standing service-principal grant to your repositories. Your own pipeline streams the diff and answers the model's file reads over an authenticated WebSocket; ADO Pilot brokers the review to Anthropic in real time and, by design, keeps nothing at rest.

No standing credentials Bring your own pipeline Zero code retained

// THE PROBLEM

Standing access is standing risk.

Most review tools — ours included, by default — need standing access that can read your repositories: a stored PAT, or a service-principal grant your directory hands the vendor. Either way it's a permanent line into your source — a token that can be leaked, or an authorization that can be misused or compelled — and it's the first thing a security review flags. JIT Code Access removes it.

⚠ vendor-risk register — line item
third_party: ado-pilot has standing read access to all repos (PAT or service-principal grant)
blast_radius: every repository that access can reach
with JIT: no standing access exists to register

With Just-in-Time Code Access there is no standing access to your source on our side — so there's nothing to add to the risk register, no authorization to misuse, and nothing an attacker or a subpoena could use to reach your code through us.

// WHAT YOU GET

Control that survives a security review.

access/no-standing

No standing access

ADO Pilot holds no PAT for your repositories and needs no standing service-principal grant to them. There's no standing access on our side to leak, misuse, or subpoena.

access/your-env

Your code stays in your environment

A pipeline you own and maintain performs the checkout, inside your own Azure DevOps environment. The source never sits at rest on our side.

runtime/ephemeral

Ephemeral by design

ADO Pilot brokers the review as a real-time proxy to Anthropic. By design, nothing is cached, written to disk, or persisted — your code exists only in-flight, then it's gone.

control/trigger

You hold the trigger

Because the pipeline is yours, you decide when — and whether — a review ever runs. Revoke access by changing your own pipeline, not by filing a ticket with us.

compliance/audit

Built for the audit

Shrinks third-party blast radius to near zero and gives your vendor-risk and data-residency assessments a much shorter checklist.

review/in-your-pr

The review, posted where you work

You get an ADO Pilot review delivered the way you already expect — inline comments and a status check on the PR. What changes is the path your code takes to the model, not where the results land.

// HOW IT WORKS

One open channel. Every request answered live, nothing kept.

Your pipeline dials out to ADO Pilot over a single authenticated WebSocket and answers the model's requests in real time. ADO Pilot only ever brokers the bytes — it keeps none of them.

1

Your pipeline triggers on the PR

A pull request is opened or updated, and a pipeline you own and maintain triggers on that event — checking out the repo right inside your Azure DevOps environment. Nothing on our side has the access to start it.

2

It opens a WebSocket and sends the diff

Your pipeline dials out to ADO Pilot over an authenticated WebSocket and transmits the PR diff. You initiate the connection, and it stays open only for this review.

3

ADO Pilot hands it straight to Anthropic

The instant the diff arrives, ADO Pilot relays the review to Anthropic — held in memory for milliseconds, never written to disk, never stored. in-memory only · nothing at rest.

4

The model reads your code through the proxy

⟳ loops until the review is complete

Anthropic sends tool calls back to ADO Pilot, which proxies each one down the same WebSocket to your pipeline task. Your task reads exactly what was requested and streams it back — search, read, analyze, repeat. every byte proxied, none retained.

5

Findings post, the channel closes, nothing remains

Inline comments and the status check land on your PR. The WebSocket closes, and every byte that passed through is already gone. retained: 0 bytes.

// STANDARD vs. JIT

The same review, a smaller trust boundary.

Standard ADO Pilot is built for fast setup and never clones or indexes your source tree. JIT Code Access goes further for teams that can't grant any standing access at all.

Standard ADO PilotJIT Code Access — add-on
Repository accessStanding PAT or service principalNone — no standing credential exists
How the code is readADO Pilot reads the PR diff via its credentialYour pipeline serves the diff and the model's file reads over a live WebSocket; ADO Pilot never touches your repo
Where the checkout happensNo clone — diff only, from a service hookYour environment, your pipeline
Your code on our sideDiff held in encrypted, access-controlled temporary storage for the review, then deletedNothing at rest — brokered in real time, never persisted
Who controls the triggerOur service hook, on PR eventsYou, via your own pipeline
Ideal forMost teams — fastest setup, zero pipeline changesRegulated & security-first Enterprise

// AVAILABILITY

In private early access for Enterprise.

JIT Code Access is an add-on to the Enterprise plan, and we're onboarding design partners now. Setup and pricing are scoped to your environment. Tell us about your requirements and we'll walk you through the architecture and a pilot.

$ contact sales --early-accesssales@adopilot.dev · Enterprise add-on · not yet generally available

// GOING FURTHER

Need self-hosted or air-gapped?

If a real-time proxy still isn't enough isolation — you need ADO Pilot running entirely inside your own network, or fully air-gapped with no egress to us at all — that's a conversation we want to have. Reach out and we'll scope your requirements with you.

sales@adopilot.dev