Measured: 100% cited, 100% correct answers on the public Express benchmark — see the numbers

Private code memory for AI

Give your AI grounded answers over private repositories, without uploading source code.

SourceVault keeps every line on infrastructure you control — laptop, workstation, or your own server — indexes it with code-aware retrieval, and gives your team a safer way to search, read, and reason about proprietary code.

What buyers get

  • A dashboard with cited answers, a full source viewer, watches, and runbook export.
  • Hermes plugin plus an MCP server for Claude Code and any MCP client.
  • Git-history answers, module overviews, and AI-change provenance — coverage cloud indexers never see.
  • A 7-day free trial — the full product on one repository, no account, no card.
  • Sentinel trust layer: an access policy over what AI can read, secrets redacted from every answer, and a tamper-evident audit log.
  • One-command install on macOS, Linux, and Windows — GitHub, GitLab, and Bitbucket supported.

See it work

Ask a question, get a cited answer, click straight to the source.

The problem

Hosted AI tools break down when the code is private.

Most code assistants want to upload your repository, keep it in a cloud context window, and answer from a lossy slice of your system. That creates privacy risk, compliance concerns, and weak answers when the repo is large or sensitive.

SourceVault is built for teams that need private code intelligence on local infrastructure.

How it works

Local index, exact reads, grounded answers.

The retrieval patterns the leading RAG frameworks document as best practice — implemented natively on ChromaDB and Ollama, so the stack stays small and every line is yours to audit.

01

Hybrid retrieval

Each query combines semantic search and exact keyword matching, then fuses the rankings so the strongest results rise to the top.

02

Code-aware chunking

Files are split along function and class boundaries, so every result maps to readable code with exact line ranges.

03

Context-aware embeddings

Each chunk is embedded with its path and symbol names so the vector store knows where code lives, not just what it says.

04

Grounded answers

Ask mode checks whether it has enough context, retrieves again if needed, and answers only from source-backed snippets instead of guessing.

Cost model

AI burns tokens. Retrieval is how you stop paying for it.

Watch an AI agent work on a real codebase and you will see where the money goes: it re-reads whole files to find one function, drags stale context forward turn after turn, and pays again for every retry. That burn compounds — per question, per developer, per day — and per-seat plans meter all of it.

SourceVault's retrieval engine exists to end that pattern. Every question gets a bounded budget of cited file and line ranges — never a repo dump — and repeated questions return from cache with zero model calls. Local models answer with no meter at all; when you do route an agent to a hosted model, it receives targeted snippets, so the tokens you pay for are the ones that matter.

Per-seat feesNone — runs for the whole team on one machine you control
Per-token billingNone for local answers; repeated questions return from cache with zero model calls
Context per answerBounded budget (≈6k tokens by default) of cited file and line ranges — never a repo dump
Source code egressNone — nothing uploaded, logged, or retained by a third party

Operator experience

Fast, deterministic commands for private code.

Three commands cover it: search for code, read a file, ask a grounded question. They behave the same way every time — in the CLI, Telegram, or Hermes Desktop — so they're easy to teach, support, and repeat. Just ask; the engine retrieves on its own.

$/code-search express "trust proxy client ip"
$/code-read express lib/request.js
$/code-ask express "how does the trust proxy setting affect the client IP?"

Code intelligence

More than search — memory that understands and watches your code.

The retrieval engine goes past keyword matching: it knows how your code connects, keeps its answers honest as the code changes, and plugs into the AI tools you already use.

Symbol-aware retrieval

A symbol graph links definitions to their references, so "who calls this function?" is answered from the code's actual structure — not just text that looks similar.

Multi-repo AskPro

Ask one question across every indexed repository at once, with each citation tagged by repo — "how do the frontend and backend handle this?" in a single answer. Standard from Pro up.

Git history answers

Commit messages index alongside code, so "why was this changed?" and "when did this break?" get grounded answers — coverage a cloud indexer never sees, because it never sees your history.

Module overviews

A generated repo map and per-module summaries answer "how does auth work overall" with an overview instead of fragments — written by your local model, from your code, on your machine.

Cross-encoder reranking

A local reranker re-reads the top candidates against your actual question before answering — a sensible default at sub-second cost. We're straight about why: the measured file-hit jump on our Express benchmark came from a separate retrieval fix, not the reranker, whose isolated effect was within noise on 30 questions. We keep it on by default and are re-measuring its benefit on a larger repository.

Works with your AI tools

An MCP server exposes the same engine to Claude Code, OpenClaw, and any MCP client — bounded, cited context instead of re-reading files. The server itself is local-only: pair it with a local-model client and the loop stays zero-egress end to end; a cloud-backed client sends what it retrieves to its own vendor, by your choice.

See all code-intelligence capabilities →

The dashboard

A control plane your whole team can use.

Everything ships with a browser dashboard — connect your source control platforms, manage repositories and models, and ask questions about your code without touching a terminal. See it in action in the walkthrough above.

Connect your source control

Sign in to GitHub, GitLab, or Bitbucket once. Browse and autocomplete your repositories as you type, and clone private repos without per-clone credentials.

One-click indexing

Repositories index automatically on import. Update, sync, or switch branches per repo — and a stale index is one click from fresh.

Search and Ask

Literal and semantic search with file-type filters, plus Ask mode for grounded answers where every citation clicks open to its source. History and archive are built in.

Built-in source viewer

Citations and search results open the full file in a syntax-highlighted viewer — cited lines marked and scrolled into view, 15 languages, selectable light and dark code themes.

Watches

Pin a question as a standing check. After every reindex it re-asks itself and flags you when the cited answer drifts — "did the auth flow change this sprint?" answers itself.

See the full dashboard tour →

Trust layer

Security-first features for the modern development team.

100% local by design

Embeddings run on local Ollama, vectors live in local ChromaDB, and answers come from local models.

SourceVault Sentinel

An enforcement layer between the index and everything that reads it: an access policy gates which files can be read at all, a DLP pass redacts secrets from every answer before delivery, and each decision lands in a tamper-evident, hash-chained audit log.

AI-change provenance

Commits are classified for AI authorship and security relevance, with signed attestations — so "what did the AI change in auth this month?" has a grounded, verifiable answer.

Locked-down dashboard

Authentication is enforced by default — there is no tokenless mode. A token is auto-provisioned at first boot, sessions get a one-click Lock, and a strict content-security policy plus loopback guard keep the control plane local.

Tokens, never passwords

Access tokens are generated server-side and rotated from the UI in one click — nobody types or chooses a credential, and rotation signs every other session out instantly.

Secrets never indexed

.env files, lockfiles, and dependency directories are excluded automatically so credentials never become searchable vectors — and Sentinel's DLP layer redacts anything that slips through, on the way out.

No framework supply chain

The retrieval engine is built natively on two auditable local services — ChromaDB for vectors, Ollama for models. No LangChain-style orchestration layer in between: a smaller attack surface, every line yours to audit.

See every security control →

Pricing

Try free for 7 days. Pay once when it earns it.

Pricing scales with repositories — never per seat, never per token. Licenses are a one-time payment, yours forever, with 12 months of updates included — your installed version never stops working, and renewing updates later costs a fraction of list. Priority Support is the optional subscription for teams that want an SLA and hands-on tuning.

Start with the free trial

One command installs the full product with one repository for 7 days — no account, no card, and nothing leaves your machine. If it can't answer questions about your code with file-and-line citations, don't buy it.

Install free

Starter

$1,350 one-time

30 days of Priority Support included

For a founder or solo engineer who needs private code memory without a heavy platform project.

  • One-command install (macOS, Linux, Windows/WSL2)
  • Up to 3 repositories indexed
  • Dashboard, Hermes plugin, MCP server
  • Git-history answers and module overviews
  • Yours forever · 12 months of updates included
  • License key by email, activates instantly

Team

From $8,200 one-time

30 days of Priority Support included

For an engineering team or large monorepo that needs a deliberate rollout.

  • Multi-repo Ask included
  • Up to 4 machines, shared team setup
  • 15+ repositories / large-repo indexing strategy (no repo cap — unlimited)
  • Security-focused file exclusions
  • Team onboarding and maintenance runbook
Start with Team

Enterprise

Custom

Priority Support SLA

For regulated or air-gapped environments that need the compliance story in writing.

  • Multi-repo Ask included
  • Unlimited repositories
  • Air-gapped install: offline bundle and models
  • Signed compliance reporting over the Sentinel audit chain
  • Compliance pack with zero-egress verification
  • Multi-machine rollout, scoped to your environment
Get a fixed quote

Add-ons

Priority Support Subscription

A support SLA plus hands-on expertise when it matters: model and resource tuning for your hardware, and reindex strategy when embedding models change. Flat $195/mo for any plan, after the 30 days included with every license. Requires an active SourceVault license (buy with the same email). Cancel anytime.

Updates renewal Existing customers

Your license and installed version work forever. When your 12-month updates window ends, renew to keep receiving new releases — Starter $550, Pro $1,550, one-time. The fresh key arrives by email and replaces the old one in Settings → License.

"From" prices are honest floors, not bait — your quote is fixed before work starts. Send your stack, repo count, and target machine and you will get a straight recommendation, even if the right answer is the smaller package.

Every license carries a 14-day money-back guarantee, and nothing ever auto-renews — the details are in the billing & refund policy. Starting small is safe, too: upgrade from Starter to Pro any time for the difference in list prices — just email support.

Deployment

One command on every platform.

Everything runs on infrastructure you control — the models, the index, the dashboard. macOS installs with a single Homebrew command (native launchd services). Linux gets its own one-liner (curl | bash, systemd services). Windows runs it inside WSL2 Ubuntu from a single PowerShell command. Every install includes the 7-day free trial — or use the shared Docker Compose deploy, where teammates on any OS connect through the browser.

# macOS
brew install sourcevault-ai/tap/sourcevault

# Linux (Ubuntu/Debian) and WSL2
curl -fsSL https://sourcevault.ai/install.sh | bash

# Windows (PowerShell)
irm https://sourcevault.ai/install.ps1 | iex

Full install guide →

PlatformsmacOS (Homebrew, one command) · WSL2 Ubuntu / Ubuntu·Debian Linux · any OS via Docker Compose + browser
Minimum8 cores, 24GB RAM, 100GB SSD
Recommended12 cores, 32–64GB RAM, 250GB NVMe
Default embeddingnomic-embed-text
Default reasoningqwen3-coder:30b

Start the conversation

Make private code searchable without giving it away.

The free trial answers most questions — install it and see your own code cited back to you. For Team and Enterprise rollouts, air-gapped installs, or anything the trial can't settle, tell us your stack and you'll get a straight recommendation, usually the same day.

Prefer email? [email protected]