I'm a CS student. I built a GitHub App and audited 5 popular repos with it. here's what I found.

DEV Community·zaxion·23 days ago

I started building Zaxion in August 2025. No co-founder. No team. No funding. Just me, a CS student, annoyed at watching the same security mistakes show up in every codebase I touched — including my own. The idea was simple: what if your team's standards actually got enforced on every PR, automatically, before a human ever had to say anything?

8 months later I shipped it. Zaxion is a GitHub App that enforces custom code policies on every PR. You write the rule once in plain English or in JSON format. It enforces it forever. Hardcoded secrets, unhandled async calls, raw SQL with user input, missing tests on critical paths — whatever your team actually cares about.

The engine uses Babel AST to understand code semantically. Not just text matching. Actual data flow, variable scope, taint tracking. For higher level architectural rules that are hard to express as code, it uses an LLM evaluator. Both run on every PR in under a second.

After I shipped it, **I wanted to prove it worked on real codebases**.…
