
# Permissions Explained

> Exactly what MergeWatch requests, why it needs each permission, and what it deliberately does not request.

MergeWatch follows the principle of least privilege. Every permission below is the minimum required for the app to function. This page is written for security teams evaluating MergeWatch for enterprise adoption.

## Permission table

### Repository permissions

| Permission | Level | Why it's needed |
| --- | --- | --- |
| **Checks** | `read & write` | Create check runs on the pull request with a findings summary, merge readiness score, and pass/fail status. <img src="https://mintcdn.com/mergewatchai/5R2E8KIxVCE2R7dJ/images/repo.checks-permission.png?fit=max&auto=format&n=5R2E8KIxVCE2R7dJ&q=85&s=8ab9034dfe1827be526c0ac05e8ba768" alt="Checks — Read and write" width="567" height="67" data-path="images/repo.checks-permission.png" /> |
| **Contents** | `read` | Read the pull request diff and the `.mergewatch.yml` configuration file from the repository root. MergeWatch never writes to repository contents. <img src="https://mintcdn.com/mergewatchai/5R2E8KIxVCE2R7dJ/images/repo.contents-permission.png?fit=max&auto=format&n=5R2E8KIxVCE2R7dJ&q=85&s=6f309b407606b754478191732d621fb7" alt="Contents — Read-only" width="584" height="69" data-path="images/repo.contents-permission.png" /> |
| **Issues** | `read & write` | Create and update PR summary comments (GitHub's API uses the Issues endpoint for PR comments), list existing comments to avoid duplicates, and add reactions (e.g., :eyes: when a review starts). <img src="https://mintcdn.com/mergewatchai/5R2E8KIxVCE2R7dJ/images/repo.issues-permission.png?fit=max&auto=format&n=5R2E8KIxVCE2R7dJ&q=85&s=ce818da4d5a42dddbb97e6e8b1058ad1" alt="Issues — Read and write" width="586" height="63" data-path="images/repo.issues-permission.png" /> |
| **Metadata** | `read` | Automatically granted to all GitHub Apps. Provides access to basic repository metadata (name, description, default branch). |
| **Pull requests** | `read & write` | Post inline review findings as PR review comments, create and dismiss reviews, and read PR metadata and diffs. This is the primary output channel for every review. <img src="https://mintcdn.com/mergewatchai/5R2E8KIxVCE2R7dJ/images/repo.pr-permission.png?fit=max&auto=format&n=5R2E8KIxVCE2R7dJ&q=85&s=59e8d27977271f7fc9acdf56f47b0341" alt="Pull requests — Read and write" width="599" height="82" data-path="images/repo.pr-permission.png" /> |

### Organization permissions

| Permission | Level | Why it's needed |
| --- | --- | --- |
| **Members** | `read` | Verify that the user accessing organization-level settings in the dashboard is an org admin. No member data is stored. <img src="https://mintcdn.com/mergewatchai/5R2E8KIxVCE2R7dJ/images/org.members-permission.png?fit=max&auto=format&n=5R2E8KIxVCE2R7dJ&q=85&s=b8cd7068d1cc03a57545ff3c0728b0dc" alt="Members — Read-only" width="574" height="61" data-path="images/org.members-permission.png" /> |

<Info>
  All permissions are set at install time via the GitHub App manifest. You can verify them at any time in **GitHub Settings > Applications > MergeWatch > Permissions**.
</Info>

## What MergeWatch does NOT request

Equally important is what the app *cannot* do. These permissions are intentionally excluded.

<CardGroup cols={3}>
  <Card title="No repository: write" icon="lock">
    MergeWatch cannot push commits, merge pull requests, or modify any file in your repository. It is read-only with respect to code.
  </Card>

  <Card title="No secrets: read" icon="key">
    MergeWatch cannot access repository or organization secrets. It has zero visibility into your CI/CD credentials, tokens, or environment variables.
  </Card>

  <Card title="No actions: write" icon="ban">
    MergeWatch cannot trigger, cancel, or modify GitHub Actions workflows. It operates entirely outside your CI/CD pipeline.
  </Card>
</CardGroup>

## Webhook events

MergeWatch subscribes to the following webhook events. Each event triggers a specific, scoped action. All other events are acknowledged with `200 OK` and ignored.

| Event                         | Why it's subscribed                                                                                                                                                            |
| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `pull_request`                | Triggers the review pipeline on `opened`, `synchronize`, `ready_for_review`, and `reopened`.                                                                                   |
| `issue_comment`               | Listens for `@mergewatch` mentions in PR comments (`@mergewatch review`, `@mergewatch summary`, or free-form respond mode).                                                    |
| `pull_request_review_comment` | Detects when a human replies inside a review-comment thread that MergeWatch started, so the bot can reply inline. Only `created` actions with an `in_reply_to_id` are handled. |
| `check_run`                   | Listens for `rerequested` so reviewers can re-run a MergeWatch review by clicking the **Re-run** button on the check in GitHub's Checks UI.                                    |
| `installation`                | Tracks when the app is installed or uninstalled so MergeWatch can provision or clean up installation records.                                                                  |

See [Webhook Events](/github-app/webhook-events) for the exact action-level handling per event.

<Frame caption="Webhook event subscriptions — the checked events are the ones MergeWatch requires.">
  <img src="https://mintcdn.com/mergewatchai/5R2E8KIxVCE2R7dJ/images/subscribe-to-events.png?fit=max&auto=format&n=5R2E8KIxVCE2R7dJ&q=85&s=4c7998980a7230da8893c125fd2b6841" alt="GitHub App webhook event subscriptions" width="710" height="514" data-path="images/subscribe-to-events.png" />
</Frame>

<Tip>
  You can inspect every webhook delivery — including payload and response — in your GitHub App's **Advanced** tab under **Recent Deliveries**.
</Tip>

## Security model

MergeWatch is designed so that sensitive credentials are never embedded in code, environment variables, or Lambda configuration.

### Zero API keys in the runtime

GitHub credentials (App ID, private key, webhook secret) are stored in **AWS SSM Parameter Store**, encrypted at rest with AWS KMS. The Lambda function reads them at invocation time via the SSM API — they are never baked into the deployment artifact.

Amazon Bedrock authentication uses the **Lambda execution role** (an IAM role the function assumes at runtime, with no long-lived credentials). There are no Bedrock API keys to manage, rotate, or leak.

### Webhook signature validation

Every incoming webhook is validated using **HMAC-SHA256** before any processing occurs. Requests with missing or invalid signatures are rejected immediately. This prevents spoofed payloads from triggering the review pipeline.
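The signature check above, followed by the event/action routing from the webhook table earlier on this page, as an added illustration (this is not MergeWatch's own code). It assumes a Python handler, a constructed secret in place of the one read from SSM, and GitHub's standard `X-Hub-Signature-256` / `X-GitHub-Event` headers.

```python
import hashlib
import hmac
import json
from typing import Optional, Tuple

# Constructed secret for this example; MergeWatch reads the real one from SSM at invocation time.
WEBHOOK_SECRET = b"example-webhook-secret"

def sign(secret: bytes, body: bytes) -> str:
    """Value GitHub places in X-Hub-Signature-256 for this raw request body."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()

def verify_signature(secret: bytes, body: bytes, header: Optional[str]) -> bool:
    """True only if the header matches HMAC-SHA256(secret, raw body)."""
    if not header or not header.startswith("sha256="):
        return False
    # Constant-time comparison: a plain == would leak the matched-prefix length via timing.
    return hmac.compare_digest(sign(secret, body), header)

def route(event: str, payload: dict) -> str:
    """Map an event/action pair to the scoped handler the page describes, or ignore it."""
    action = payload.get("action")
    comment = payload.get("comment", {})
    if event == "pull_request" and action in {"opened", "synchronize", "ready_for_review", "reopened"}:
        return "review"
    # issue_comment fires for issues too; only PR comments carry a pull_request key.
    if event == "issue_comment" and "pull_request" in payload.get("issue", {}) \
            and "@mergewatch" in comment.get("body", ""):
        return "mention"
    if event == "pull_request_review_comment" and action == "created" and comment.get("in_reply_to_id"):
        return "thread_reply"
    if event == "check_run" and action == "rerequested":
        return "rerun"
    if event == "installation":
        return "installation"
    return "ignore"  # every other event is acknowledged with 200 and dropped

def handle_webhook(headers: dict, body: bytes, secret: bytes = WEBHOOK_SECRET) -> Tuple[int, str]:
    """Reject unsigned or mis-signed deliveries before parsing; otherwise route and return 200."""
    if not verify_signature(secret, body, headers.get("X-Hub-Signature-256")):
        return 401, "invalid signature"
    return 200, route(headers.get("X-GitHub-Event", ""), json.loads(body))

# Constructed sample deliveries (trimmed to the fields the router looks at).
PR_OPENED = b'{"action": "opened", "pull_request": {"number": 42}}'
THREAD_REPLY = b'{"action": "created", "comment": {"in_reply_to_id": 7, "body": "thanks"}}'
TOP_LEVEL_REVIEW_COMMENT = b'{"action": "created", "comment": {"body": "nit"}}'
PUSH = b'{"ref": "refs/heads/main"}'

if __name__ == "__main__":
    hdr = {"X-GitHub-Event": "pull_request", "X-Hub-Signature-256": sign(WEBHOOK_SECRET, PR_OPENED)}
    print(handle_webhook(hdr, PR_OPENED))         # (200, 'review')
    print(handle_webhook(hdr, PR_OPENED + b" "))  # (401, 'invalid signature'): body no longer matches
```

Note that the body is verified as raw bytes before `json.loads` runs, so a tampered or unsigned delivery never reaches the parser or the review pipeline.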

### IAM permissions are tightly scoped

The Lambda execution role follows least-privilege IAM policy design.

| IAM Action                                           | Scope                                                                |
| ---------------------------------------------------- | -------------------------------------------------------------------- |
| `bedrock:InvokeModel`                                | Scoped to specific foundation model ARNs only.                       |
| `dynamodb:GetItem`, `PutItem`, `Query`, `UpdateItem` | Limited to the MergeWatch-specific tables created during deployment. |
| `ssm:GetParameter`                                   | Limited to `/mergewatch/{stage}/*` parameters only.                  |

<Note>
  The IAM policy is defined in the SAM template and deployed via CloudFormation. You can audit the exact permissions in the `template.yaml` file of the MergeWatch repository.
</Note>

## Frequently asked questions

<Accordion title="Can MergeWatch modify my code?">
  No. MergeWatch has `contents: read` only. It cannot push commits, create branches, or modify any file. The only write operations are posting review comments (`pull_requests: read & write`) and creating check runs (`checks: read & write`).
</Accordion>

<Accordion title="Does MergeWatch store my source code?">
  No. Diffs are read from the GitHub API, processed in memory during the Lambda invocation, and discarded. No source code is written to DynamoDB, S3, or any other persistent store.
</Accordion>

<Accordion title="Can I restrict which repositories MergeWatch accesses?">
  Yes. During installation, select **Only select repositories** instead of **All repositories**. You can change this at any time in GitHub Settings > Applications.
</Accordion>

<Accordion title="How do I audit what MergeWatch is doing?">
  Three places to look: **GitHub webhook delivery logs** show every event sent to the app. **CloudWatch Logs** capture the full Lambda execution trace. **Bedrock invocation logs** (if enabled) show every model call and its input/output.
</Accordion>
