I had copilot take a look through your repository, I will link its finding at the bottom. as a tl;dr for anyone who got interested by the sales pitch of the website:
"DevMem is a moderately clever idea — tying AI-generated documentation updates to git commits is a legitimate problem worth solving — expressed in a Go codebase that is not yet production-ready, does not compile as committed, contains a material security misrepresentation in its documentation, and ships approximately one-quarter of the features its website describes.
...
The marketing website is polished to a degree inversely proportional to the maturity of the code behind it. The claims about credential security are not merely aspirational — they describe a specific technical mechanism ("macOS Keychain", "system credential store") that simply does not exist in the implementation. Users who trust that claim may store secrets in a file that is one cat command away from exposure."
"DevMem is a moderately clever idea — tying AI-generated documentation updates to git commits is a legitimate problem worth solving — expressed in a Go codebase that is not yet production-ready, does not compile as committed, contains a material security misrepresentation in its documentation, and ships approximately one-quarter of the features its website describes.
...
The marketing website is polished to a degree inversely proportional to the maturity of the code behind it. The claims about credential security are not merely aspirational — they describe a specific technical mechanism ("macOS Keychain", "system credential store") that simply does not exist in the implementation. Users who trust that claim may store secrets in a file that is one cat command away from exposure."
https://github.com/MultifokalHirn/DevMem/blob/copilot/write-...