What Probe is
Probe is a scanner for the public app URL you submit.
It checks what an outside unauthenticated request can see from that URL, then turns supported findings into a report. The free scan shows the external scan result, severity counts, and a blurred preview of findings. The full audit is a $149 one-time purchase that unlocks every finding unblurred, with severity, evidence, exploitability, and copy-ready AI coding tool patch prompts.
Paid reports include unlimited re-checks per finding so you can verify each fix after you ship it.
Scope and limits
Probe is a public-surface scan. It is not a manual penetration test, private source-code review, authenticated security test, compliance audit, incident response service, or guarantee that every vulnerability has been found.
Probe does not need repo access, GitHub tokens, dashboard credentials, private database access, production secrets, customer lists, or user passwords for a normal scan.
Probe avoids destructive testing. It does not try to break in, bypass access controls, brute-force accounts, or scan private networks. If your app is behind login, VPN, basic auth, IP allowlisting, a coming-soon gate, or a bot-blocking challenge, Probe may not be able to complete the scan.
You are responsible for deciding whether to apply a fix, how to apply it, whether to rotate credentials, whether to notify customers, and whether to involve a lawyer or security professional.
No security guarantee
A clean Probe scan means Probe did not observe supported public-surface findings during that scan. It does not mean your app is secure.
A Probe finding means Probe observed a condition that may need review. It does not prove a breach, confirm exploitation, or replace engineering judgment.
You should keep normal security practices in place, including code review, secret management, access control review, logging, monitoring, dependency review, incident response planning, and safe deployment practices.
Payment and report access
The full audit is a $149 one-time purchase through Stripe checkout. It is not a subscription.
After payment, access is handled through the report unlock and magic link email flow. There is no customer sign-in portal, account dashboard, billing portal, subscription dashboard, or PDF export in Probe v1.
Use the same email you used at checkout when opening a magic link. If payment succeeded but the report does not unlock, email support@runprobe.com with the checkout email, submitted URL, and report link if you have it.
Do not buy the same report repeatedly if access fails. Let support investigate the payment and unlock state.
Monitoring
Monitoring is not available in Probe v1.
Monitoring is planned for v2 at $79 per month with a 12-month commitment, but it is coming soon and is not purchasable today. There is no monitoring subscription to manage or cancel in v1.
Refunds
Probe refunds are narrow because the full audit is a one-time report product.
Email support@runprobe.com within 30 days of purchase if you believe your scan or report failed.
Refunds may be approved when:
- The scan technically failed and could not produce a usable report.
- The scan worker crashed before completing the report.
- No findings rendered because of a product failure.
- The paid report was broken or could not be accessed after payment.
Refunds are not approved because you changed your mind, bought the wrong thing, did not like the findings, expected monitoring, wanted a different kind of audit, or the scan did not find anything you did not already know.
Support will verify whether the scan, worker, payment unlock, or report rendering failed. If the issue can be fixed by re-running the scan or restoring report access, support may offer that before approving a refund.
If a refund is approved, it is processed through Stripe within 5 business days. Your bank or card provider may take additional time to show the credit.
If a refund is not approved, support will explain why and offer to re-run the scan when that is the better fix.
Privacy and data handling
Probe uses the submitted URL and public response data to produce scan results, reports, support context, abuse prevention, and product reliability improvements.
Probe may store the submitted URL, scan time, public response metadata, HTTP status codes, response headers, reachable public routes or assets, finding records, report access state, checkout metadata, and support messages.
Evidence may include public asset paths, missing header names, route names, redacted key-like snippets, response behavior, or other public-surface signals needed to explain a finding.
Reports can contain sensitive security context even when secrets are redacted. Treat report links as internal security documents.
Probe uses an AI service to generate the narrative summary in your paid report. Before sending data to the AI service, findings are sanitized and URLs are stripped, raw evidence is omitted, and remediation prompts are not included. The AI service processes this data as standard API calls; Probe does not authorize it to be used for training.
What not to send Probe
Do not send passwords, API keys, private credentials, database exports, customer PII, provider dashboard access, GitHub tokens, Supabase service-role keys, Stripe secret keys, AI service keys, or unredacted production logs.
If a finding involves an exposed credential, rotate it with your technical owner. Do not paste the full secret into support tickets, chat rooms, issue trackers, or AI tools.
Data requests
You can request a review or removal of Probe records by emailing support@runprobe.com with the checkout email and report link if you have them.
Some billing, support, abuse-prevention, and operational records may need to be retained where required for payment records, security review, legal obligations, or product reliability.
Support
Email support@runprobe.com for scan failures, report access problems, refund requests, unclear findings, or product questions.
For the fastest help, include the submitted URL, report link if available, checkout email if payment is involved, and a short description of what happened.
Do not include secrets or private credentials.
Changes to Probe
Probe may change its scanner, findings, pricing, report format, access flow, refund handling, support process, or future monitoring product over time.
If a change materially affects paid customers, Probe will update this page and relevant help articles.