Team coverage
Repos with at least one team-based permission path.
Free GitHub Access Audit
repod's free GitHub access audit gives private engineering orgs a fast first pass on direct grants, private repos without team coverage, high-privilege teams, and ownership drift.
What it answers
Use the free audit before a deeper access review to see which repos need an owner, which direct grants deserve cleanup, and which high-privilege teams should be checked first.
Signals
Each signal points at a concrete access-review decision, not a vague score.
Repos with at least one team-based permission path.
Private repos with no team grants and unclear ownership paths.
User-to-repo grants outside the normal GitHub team model.
Teams with maintain or admin access that deserve review.
Sample report snapshot
A real org will differ, but the output should quickly separate normal access from cleanup work.
Review repos outside the team model first.
Assign owners or document approved exceptions.
Convert long-lived user grants to teams where possible.
Confirm maintain/admin is still justified.
Example findings
A repo was created quickly and access was granted user by user. Create or attach an owning team before removing old direct grants.
An old platform or engineering group kept admin on many repos. Split everyday access from break-glass access.
Vendor or contractor access was added for a project. Confirm whether the engagement is still active and who approved continued access.
Run it when
Use it before customer security reviews, after offboarding churn, or before moving direct grants into a cleaner team-based model.