# Ben Hargreaves, Product Designer / Solo Maker — read of Shipcheck, May 7 2026

> 9 years in product and design at SaaS companies, quit 18 months ago to build indie products with AI. On my third app. Still don't fully read my own code.

## How I got here

Someone dropped a link in the Indie Hackers Slack after a thread about pre-launch checklists. The comment was just "this one actually found stuff in my repo before I launched." I didn't click immediately. Came back to it three days later when I was stressing about whether my Supabase RLS policies were actually doing anything. Googled "how to audit vibe-coded app before launch" and saw it come up second. Clicked then.

## What I clicked first

The sample report. I skipped the hero almost entirely, actually. The mock report card with the B- grade and the specific findings pulled me down the page fast. "Hardcoded API key in lib/db.ts" and "Auth flow missing logout endpoint" -- those are real things I have done. Not hypothetical things. The specificity of those examples stopped my scroll more than any copy above them.

The hero line "Get back the ten things that will sink your launch" is fine but I've read that sentence in 12 other products. What made me stay was the fake report snippet looking like something I'd actually get back.

## Where I paused

The money-back guarantee buried in the FAQ: "If the finding doesn't tell you exactly what to change, we mark it incomplete and don't charge you."

I read that three times. That's a real claim. Either they're confident enough to stand behind the specificity, or that sentence is doing a lot of legal work and the threshold for "incomplete" is fuzzy. I genuinely don't know which. But it's the most interesting sentence on the page and it's in the FAQ, not the hero.

## What I distrusted

"4,200+ repos scanned" with no date context. Is that since launch? Since last month? Since the beginning of time? That number means nothing without a timeframe and I noticed they didn't give one.

"Marcus T., shipped his first paid SaaS in March." First name, last initial, one sentence. That's a placeholder testimonial. It reads exactly like what the AI coding tool generates when you say "add a testimonial section." I don't know who Marcus T. is. I can't find him. One real person with a last name and a link to their actual product would do more work than five of those.

Also: "Static analysis plus a Claude-driven semantic pass." Okay so the actual analysis engine is Claude. I'm a little ambivalent about that. It's honest, which I respect. But it also means I'm paying $9 for Claude to read my repo, which I could technically do myself for less. The value proposition becomes: it's already prompted and structured well enough that the output is actually useful. That's a real value proposition, but I want to see the output before I believe it.

## What would convince me

Show me a real founder's name, their product URL, and what the scan actually found, with their permission. Not "github.com/redacted/launch-portal." The redaction undermines the specificity that's supposed to be the whole product. Even one real, unredacted example -- "here's what we found in Josh Chen's app at joshmakes.com, here's the before/after, here's the finding on line 42 of the exact file" -- would close me. The sample report is doing 90% of the work on this page and it's still anonymized. That's a miss.

Also, a 60-second screen recording of the actual scan running and the report coming out. Not a mockup. Watching the real thing happen on a real repo would remove almost all my remaining doubt.

## What I'd ask in an email reply

1. The sample report says "lightly redacted" but every file path and company name is hidden. Can you send me one fully unredacted report (with permission) so I can see what the actual PDF looks like and how much signal vs. noise there is?

2. My repo has about 600 files. Does scan quality degrade as repo size goes up, or is the 90-second number still accurate and the findings still useful at that scale?

3. You mention "a Claude-driven semantic pass." Are you prompt-engineering on top of the Claude API, or is there something custom in how you're chunking and analyzing the code? I'm not asking for trade secrets, I just want to know if this is basically a well-crafted system prompt or something more.

## Verdict: curious-enough-to-reply

The sample report earned it. The pricing is so low that skepticism about ROI is almost not a factor. If I get even one finding I would have shipped, it paid for itself twice over. My main hesitation is that the testimonial and the redacted sample feel like they're hiding something, and I want to know if the output is actually as clean as the mockup suggests before I wire this into my pre-launch routine.

---
*Memo by skeptic persona, generated 2026-05-07. Studio breaks own self-grading loop.*
