Introduction
Not an AI code reviewer. Yes a fail-closed gate: Stripe says paid, your app DB might disagree — ProdVerdict checks that in CI.
ProdVerdict is a deterministic production contract engine for SaaS. It compares billing state (Stripe/Paddle) against your database, catches env drift, unsafe migrations, and more — without calling an LLM in the evaluation path.
Run npx prodverdict demo (no API keys), then read the 5-minute quickstart.
Try in 5 seconds
npx prodverdict demo
Expect FAIL: active Stripe subscription, has_paid_access false — a revenue leak.
Contracts (v0.10.0)
| Contract | What it checks |
|---|---|
| Access | Billing (Stripe/Paddle) vs app database paid-access flags |
| Config | process.env references vs .env.example and CI secrets |
| Migration | Postgres DDL patterns that lock or rewrite tables unsafely |
| Boundary | Mass-assignment and forbidden sensitive fields in API handlers |
| Webhook | Signature verification and idempotency patterns |
| Restore | Backup/restore smoke commands in CI |
Start with Access — it ties directly to revenue. Run one or all six: npx prodverdict check all.
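To make the Access contract concrete, here is an added example (not ProdVerdict's own code) of the kind of deterministic billing-vs-database reconciliation the table describes: no LLM in the evaluation path, and any mismatch fails the gate. The field names, the set of statuses that count as paid, and the sample rows are all constructed assumptions.

```javascript
// Added example, not ProdVerdict's implementation: a deterministic Access-style
// check that compares billing state with the app database and fails closed.

// Constructed sample: what the billing provider (Stripe-like) reports.
const billingSubscriptions = [
  { customerId: 'cus_A', status: 'active' },
  { customerId: 'cus_B', status: 'canceled' },
  { customerId: 'cus_C', status: 'active' },
];

// Constructed sample: what the app database believes about paid access.
const dbUsers = [
  { customerId: 'cus_A', has_paid_access: true },   // consistent
  { customerId: 'cus_B', has_paid_access: true },   // still flagged paid after cancel
  { customerId: 'cus_C', has_paid_access: false },  // paying customer locked out
  { customerId: 'cus_D', has_paid_access: true },   // no billing record at all
];

// Assumption: these billing statuses should grant paid access.
const PAID_STATUSES = new Set(['active', 'trialing']);

// Compare both sources row by row and return every mismatch as a finding.
function checkAccess(subs, users) {
  const statusByCustomer = new Map(subs.map(s => [s.customerId, s.status]));
  const findings = [];
  for (const u of users) {
    const status = statusByCustomer.get(u.customerId);
    const shouldHaveAccess = status !== undefined && PAID_STATUSES.has(status);
    if (shouldHaveAccess && !u.has_paid_access) {
      // Billing says paid, app says no: the demo's "revenue leak" case.
      findings.push({ customerId: u.customerId, kind: 'revenue_leak', status });
    } else if (!shouldHaveAccess && u.has_paid_access) {
      // App grants access that billing does not back.
      findings.push({ customerId: u.customerId, kind: 'unpaid_access', status: status ?? 'none' });
    }
  }
  return findings;
}

// Fail-closed gate: a single finding is enough to fail the CI job.
function verdict(findings) {
  return findings.length === 0 ? 'PASS' : 'FAIL';
}

const findings = checkAccess(billingSubscriptions, dbUsers);
for (const f of findings) {
  console.log(`${f.kind}: ${f.customerId} (billing status: ${f.status})`);
}
console.log(verdict(findings)); // prints "FAIL" for the constructed sample
```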
Pricing
The engine is free: unlimited CLI, GitHub Action, and local MCP on public and private repos. ProdVerdict Cloud (Pro) adds remote MCP repo scans, run history, policy templates, and audit log.
Next steps
- 5-minute quickstart — demo, scan, init, live checks
- Install & init — add prodverdict.yml to your repo
- Production contracts — mental model