Proof, not promises

It all happens inside your GitHub.

Every merged PR becomes a documentation PR — drafted in your team's voice, checked through seven gates, and scanned for vulnerabilities. No new dashboard to babysit. It posts back as a real PR, a real check, a real fix.

Install on GitHub See a security fix

github.com/your-org/api · pull/1482

feat: rotate refresh tokens on /auth/refresh #1482

Mergedjordanwants to merge into→mainfromfeat/token-rotation

docs-keeper[bot]botcommented · just now

📝 I opened #1483 with the docs for this change — updated auth.md and the API reference, in your team's voice.

🛡️ Security scan: 1Critical found & fixed in #1484.

All checks have passed· 3 successful checks

docs-keeper / draft-docs— doc PR #1483 opened

docs-keeper / 7 validation gates

docs-keeper / security-scan— 0 critical remaining

01Install in 2 minutes

GitHub Marketplace

One click from GitHub itself

docs-keeper installs from the Marketplace and asks only for the scopes it needs — you can read them before you approve.

github.com/marketplace/docs-keeper

docs-keeperbot

Documentation that updates itself + security scanning

live productright after install

Repositories connecteddocs-keeper.com/repos

your-org/api● active
your-org/web● active
your-org/mobile● syncing

Onboarding

✓Install the GitHub App
✓Connect your first repo
3Merge a PR → land your first doc PR

02Merge code → get a doc PR

github

github.com/your-org/api/pull/1483

docs: rotated refresh tokens for /auth/refresh #1483

Opendocs-keeper[bot]botwants to merge into→mainfromdocs-keeper/docs/1482

docs/api/auth.md

@@ docs/api/auth.md @@

12 ## POST /api/auth/refresh

13-Returns a new access token.

13+Returns a new access token plus a rotated refresh token.

14+

15+> Refresh tokens are now single-use (added in #1482).

7 validation gates

Checked before you ever read it

Link integrity, code-fence compile, terminology, voice match, redaction, freshness, and rendering — all green, as native GitHub checks.

All checks have passed· 7 successful checks

gate / links resolve

gate / code samples compile

gate / terminology consistent

gate / voice match— 0.94 similarity

gate / no secrets / PII

gate / freshness

gate / renders clean

live product

Runs — one per mergedocs-keeper.com/runs

#1482 token rotationdoc PR #148327s$0.004
#1479 rate limiterdoc PR #148024s$0.003
#1475 webhook retriesdoc PR #147631s$0.005

Every merge → a run → a doc PR, in your voice, for fractions of a cent.

03Security scanning, in the same PR

Scan → find → fix

It doesn't just flag it. It fixes it.

docs-keeper scans the diff, posts findings as native code-scanning alerts, then opens a fix PR — and re-runs the check until it's green.

scanning your-org/api…

Cloning repo

Resolving dependencies

Running rules engine

AI semantic pass

Posting results to PR

CriticalSQL injection via unsanitized queryCWE-89 · ghsa-detected

src/db/users.ts:42

ReachableExploit likelyIntroduced in #1455

const q = `SELECT * FROM users

WHERE name = '${req.query.name}'`;

return db.raw(q);

docs-keeper

HighVulnerable dependency: lodash < 4.17.21GHSA-35jh-r3h4-6jhm · CVE-2021-23337

package.json:24

Fixed in 4.17.21Direct dependency

"lodash": "4.17.11",

docs-keeper

githubthe fix PR docs-keeper opens

github.com/your-org/api/pull/1484

fix: bump lodash 4.17.11 → 4.17.21 (CVE-2021-23337) #1484

Opendocs-keeper[bot]botwants to merge into→mainfromdocs-keeper/fix/lodash

package.json

@@ package.json @@

24-"lodash": "4.17.11",

24+"lodash": "4.17.21",

All checks have passed· 2 successful checks

security-scan / re-run— alert resolved

ci / tests

Linked to alert #7 · was Critical → now resolved

push protection

$ git push origin main
remote: error GH009: Secrets detected! This push failed.
remote:   — AWS key in src/config.ts:8
remote: docs-keeper blocked the leak before it shipped.

live producta real scan in the product

A real docs-keeper security scan — critical findings and a drafted fix PR

Before

3Critical7High12Medium5Low

After docs-keeper

0Critical0High2Medium5Low

27 → 7issues · 0 Critical remaining

04Why developers trust it

validation gates

~$0.004

per doc PR

~27s

merge → PR

auto-merges

Trusted with repo access

Read once — never stored or used for training
We scan ourselves — clean
Least-privilege scopes, readable before install

Grounded, not hallucinated — a grounding gate rejects any doc that mentions an identifier not present in your diff.

One of seven validation gates that run before a PR is ever opened.

See the actual PR it opened — in a real public repo

Inspect the diff, the checks, the fix. Nothing staged.

live link — coming with public launch

Transparent pricingdocs-keeper.com/pricing

Public repos free. Paid plans start at a flat monthly price — the per-doc cost is fractions of a cent, and we show it.

See plans

Shipping every weekdocs-keeper.com/changelog

v1.9 · semantic scan pass
v1.8 · voice match v2
v1.7 · merge-queue aware

Operational maturitydocs-keeper.com/status

All systems operational

Every incident in the open · public status page.

05Your cockpit — everything in one place

live productyour real dashboard

The docs-keeper dashboard — doc PRs, acceptance rate, time-to-PR, repos

Docs that keep themselves. Security that fixes itself.

All of it lives where your code already does — GitHub. Nothing to paste, nothing to babysit.

Install on GitHub See pricing