Sandboxed execution
Code runs in a one-shot job.
Each submission spins up an isolated Azure Container Apps job with egress locks, then tears down on completion. The host process never sees candidate code.
Every run is isolated. Every score has a receipt. Every event lands in an append-only log we can replay on demand. That is the contract.
How it holds up
Each pillar is a load-bearing decision baked into how DevMesh runs candidate work. Together they let recruiters trust the verdict and let candidates audit it.
Sandboxed execution
Each submission spins up an isolated Azure Container Apps job with egress locks, then tears down on completion. The host process never sees candidate code.
Immutable replay
Every run writes a workspace tarball to blob storage once, with no overwrites. The replay substrate powers re-evaluation, dispute resolution, and the model-quality flywheel.
RBAC, short-lived tokens
Recruiter and candidate accounts are scoped through JWTs with role-bound audiences. Invite tokens are exchanged for short-lived candidate JWTs bound to a single submission.
Server-side LLM relay
Every AI call routes through the DevMesh LLM relay. Per-submission budget is enforced with a reserve-and-settle token ledger before the prompt ever leaves our network.
Full audit trail
Keystrokes, diffs, prompts, terminal output, and judge calls land in an append-only event store. Each score on the report links back to the source event that produced it.
Deterministic re-eval
Observations are cached by content hash, so the same input never gets two different judgments. Bumping a component version is the only legitimate way to force a re-read.
A short list of the boring guarantees that hold the security model together. None of these surface to candidates or recruiters by default. All of them are required for a customer to ship.
Encryption in transit
TLS 1.2+ on every public endpoint.
Encryption at rest
Azure-managed keys on PostgreSQL Flex and Blob Storage.
Network posture
Database is private-only with no public ingress.
Secrets
Vault-issued, rotated, never written to logs.
Backups
Daily point-in-time snapshots on the primary database.
Dependency hygiene
Dependabot plus image digest pinning in production.
Sandbox egress
Outbound network is locked at the ACA job boundary.
Observability
OpenTelemetry traces flow into Azure Log Analytics.
Coordinated disclosure
Email us with a description and reproduction steps. We respond within one business day, credit reporters by default, and ship a fix on the same release train as customer features.
For account or billing issues, use contact support instead.