Self-Hosted AI vs Cloud: Why Privacy Matters in Code Review

When engineering teams evaluate AI code review tools, they often focus on capability — how good are the reviews? But for many organizations, the more important question is: where does your code go? Merlin AI Code Review was built from the ground up with a self-hosted, bring-your-own-key model that keeps proprietary code inside your infrastructure.

The data exposure problem with cloud AI code review

Most cloud-based AI code review tools work by sending your diff — or in some cases, your entire repository — to a third-party service for analysis. That service then proxies your code to an AI model on their behalf, stores your code for model training or audit purposes, and returns results.

For a startup building a CRUD app, this might be acceptable. For teams working on:

• Financial algorithms — proprietary trading logic that represents significant IP
• Healthcare software — patient data models and HIPAA-adjacent infrastructure
• Defense and government — classified or export-controlled systems
• Enterprise SaaS — multi-tenant code containing customer-specific logic
• Regulated industries — any team under SOC2, ISO 27001, PCI-DSS, or FedRAMP

...sending source code to a third-party SaaS is a non-starter. Even with privacy agreements, the risk surface is real: vendor breaches, subpoenas, accidental retention, model training on your proprietary data.

What self-hosted means in practice

Merlin AI Code Review runs entirely inside your own infrastructure. When a pull request opens, your CI pipeline (GitHub Actions, GitLab CI, or any other runner) downloads the Merlin AI Code Review binary and executes it. The binary:

1. Reads the PR diff from the VCS API — which you already trust
2. Constructs a prompt locally
3. Calls the AI provider API directly using your API key
4. Posts the results back to the PR

No code passes through any Merlin AI Code Review-operated server. There is no Merlin AI Code Review cloud backend. The only external call is from your infrastructure directly to the AI provider (Anthropic, OpenAI, Gemini, AWS Bedrock, etc.) — the same call your team already makes for other AI tooling.

Bring your own key (BYOK)

BYOK is not just a marketing term — it has real privacy implications. When you use your own API key:

• The AI provider's data handling policies apply to your org directly, not through a middleman
• You can audit exactly what data leaves your network via API gateway logs
• You can rotate, revoke, or scope keys without vendor coordination
• You can use enterprise agreements (e.g., Anthropic enterprise, Azure OpenAI) that include data processing addendums (DPAs)

Merlin AI Code Review supports Anthropic, OpenAI, Google Gemini, AWS Bedrock, and Ollama (fully local inference). For the most privacy-sensitive workloads, Ollama enables running a capable open-source model entirely on-premises — zero data leaves your network at all.

Compliance considerations

Teams operating under SOC2 Type II must demonstrate that they control where sensitive data is processed and by whom. A cloud AI code review tool that receives your source code is a vendor that must appear in your vendor assessment process, likely requiring a security review, a BAA (or equivalent), and ongoing monitoring.

Merlin AI Code Review's self-hosted architecture significantly simplifies this. There's no new vendor handling your code. The AI provider (which most teams already use and have assessed) handles the inference call. Your compliance posture remains clean.

Self-hosted doesn't mean self-managed infrastructure

A common misconception is that self-hosted AI requires running and maintaining servers. Merlin AI Code Review requires no dedicated infrastructure. It runs as a step in your existing CI pipeline — the same runner that builds your code also runs the review. There's nothing to deploy, scale, or patch.

For teams that do want persistent services (RAG indexing, autonomous agent, webhook bot), Merlin AI Code Review can run as a Docker container on any machine you already operate — no new infrastructure category needed.

The open-source guarantee

Merlin AI Code Review is fully open-source under the MIT license. You can read the source code, verify exactly what data leaves your system, compile the binary yourself, and fork the project if your needs diverge. There is no closed-source component, no telemetry, and no phone-home behavior. The privacy guarantee is verifiable — not just promised.