Team Plan
The Team plan gives your entire engineering team shared architectural memory, CI merge enforcement, merge policies, a live dashboard, and a full audit log.
Getting started
1. Upgrade to Team
Visit cxgrd.com/pricing and upgrade to the Team plan. Seats are billed at $16/seat/month (minimum 5 seats).
2. Sign in
cxgrd auth login
Your token will automatically carry team-scoped claims (plan: team, team_id, team_role).
3. Push your first team graph
cxgrd scan --team
This scans your project and pushes the dependency graph to the shared team cloud. All team members can see this on the dashboard.
Use owner/repo format as your repo identifier (e.g. manan/api-service) — this is resolved automatically from your git remote.
4. Install the GitHub App
Go to cxgrd.com/dashboard and click Install GitHub App. This authorizes CXGRD to post commit statuses on your pull requests.
5. Generate a CI token
On the dashboard under CI Setup, click Generate. Copy the token — it's shown only once and never expires.
6. Add the token to GitHub Actions secrets
In your repo: Settings → Secrets and variables → Actions → New repository secret:
- Name:
CXGRD_AUTH_TOKEN - Value: paste the CI token
7. Add the workflow file
See cxgrd check --ci for the full workflow YAML.
Team dashboard
Visit cxgrd.com/dashboard to see:
- Health metrics — blast radius trends, hotspot files, change frequency heatmap
- Audit log — every
cxgrd check --cirun, who ran it, pass/fail, error count - Merge policies — configure per-repo rules that block PRs exceeding blast radius limits
- CI tokens — generate and revoke non-expiring tokens for GitHub Actions
- Team members — view roles (owner, admin, dev) and active members
Enter your repo name in owner/repo format (e.g. manan/website) to load health data for that repo.
Merge policies
Merge policies let you define per-repo rules that block PRs automatically when they exceed your blast radius limits.
Configure policies from the dashboard → Merge Policies panel. Set:
- Max blast radius — PRs that impact more files than this threshold are blocked
- Block on risk level — block PRs classified as
criticalorhighrisk
When cxgrd check --ci runs on a PR, the server evaluates the result against your policy and posts a failure commit status if blocked.
Roles
| Role | Permissions |
|---|---|
owner | Full access, billing, manage members, generate/revoke CI tokens |
admin | Manage members, generate/revoke CI tokens, configure merge policies |
dev | Run scans and checks, view dashboard |
CI tokens vs login tokens
| Login token | CI token | |
|---|---|---|
| Generated by | cxgrd auth login | Dashboard → CI Setup |
| Expires | 30 days | Never |
| Stored | ~/.cg/auth.json | GitHub Actions secret |
| Use case | Local CLI usage | GitHub Actions / remote CI |
Always use a CI token for GitHub Actions — not your personal login token. If your login token expires, CI breaks until you manually update the secret.
Upgrade at https://cxgrd.com/pricing