See how every repo in your org stacks up: branch protection, code ownership, CI, documentation. One install, one scorecard, under a minute.
Not an admin? GitHub will ask your admin to approve. We'll email you the moment the scan is ready.
Codatus reads metadata only - your source code is never read or stored. The scanner is open source, and each GitHub permission below has a single, narrow purpose.
Repository names, descriptions, branches.
File names and sizes - never the file contents.
Branch protection rules, required reviewers, status check settings.
Nothing on its own - only writes when you click "Create issue".
Here's what a scorecard looks like. Below is a sample Codatus generated for a fictional organization, acme-corp, with 15 repositories (3 forks and 1 archived repo filtered out before scanning).
Run a scan like this for your organization:
Install on GitHubThe moment install completes, Codatus scans every repository it has access to. Around 30 seconds, depending on org size.
You're taken straight to a live scorecard - no login, no extra setup. The URL is yours to bookmark or share with your team.
Download the scorecard as Markdown, or post it as a GitHub issue in a repo of your choice with one click.
Codatus is shaped by user feedback. We ship based on what users ask for. Tell us what's missing, what's broken, or what you'd buy.