Docs.
The essentials for installing CrossGraph, configuring it for your estate, and understanding what findings mean.
CrossGraph is in private beta. Full docs ship with public launch. Until then, this page links to the design docs + rule catalog in our GitHub repo.
Install
- Accept your beta invite (email from
hello@crossgraph.dev). - Install the CrossGraph GitHub App on your org. Select repos — default is all.
- In the dashboard, copy the OTel ingest URL + bearer token.
- Paste both into your OpenTelemetry Collector config:
# otel-collector.yaml
exporters:
otlphttp/crossgraph:
endpoint: https://api.crossgraph.dev/ingest/otel/<tenant-id>
headers:
authorization: Bearer <your-bearer-token>
service:
pipelines:
traces:
exporters: [otlphttp/crossgraph]Verify it's working
Open any pull request against a repo you opted in. Within 5 minutes you should see:
- A CrossGraph check run in the PR's check list.
- An inline review comment on each net-new finding, anchored at the sink line.
- A summary block at the top with severity counts.
Built-in rules
| ID | Name | Severity |
|---|---|---|
CG-001 | Cross-service SQL injection | Critical |
CG-002 | Cross-service command execution | Critical |
CG-003 | Cross-service server-side request forgery | High |
CG-004 | PII leaked to logs across services | High |
CG-005 | Secret exfiltration via cross-service response | Critical |
Full catalog + how to add more rules: docs/RULES.md.
Architecture
Full engineering design including data flow, data model, tenancy model, and the OTel-pruning algorithm: docs/ARCHITECTURE.md.
Support
- General: support@crossgraph.dev
- Security: security@crossgraph.dev — see /security for the disclosure policy
- Sales: sales@crossgraph.dev