Read-only RepairDesk
ShopBrain uses supported read access for analysis. It does not create or edit tickets, invoices, customers, devices, inventory, or purchase orders in RepairDesk.
Security and trust
ShopBrain is designed around clear boundaries: read-only operational access, private tenant data, protected credentials, human review, explainable findings, and Stripe-hosted billing.
The trust model
Security is not one badge. It is the set of limits applied at connection, storage, access, review, analysis, and billing.
ShopBrain uses supported read access for analysis. It does not create or edit tickets, invoices, customers, devices, inventory, or purchase orders in RepairDesk.
Tenant-aware database policies keep one shop’s operational records, imports, source documents, and intelligence separate from another shop.
Owners control team roles and permissions. Sensitive areas such as billing, security, team management, and audit history have tighter access.
Integration credentials and service secrets stay on the server. They are never returned to browser code or displayed after storage.
Uncertain document fields and part matches wait for human confirmation instead of silently changing margin or vendor conclusions.
GPT-4o mini assists with supported invoice extraction and plain-language explanation. Deterministic code performs the financial calculations and checks.
Data handling in plain English
RepairDesk
Remains the authoritative system for day-to-day repair operations. ShopBrain reads supported records and does not write changes back.
Supabase
Stores authenticated workspace, billing-status, operational, evidence, permission, and intelligence records under tenant-aware access controls.
Cloudflare
Runs the ShopBrain application and scheduled processing, serves private application routes, and stores protected recovery objects where configured.
OpenAI
GPT-4o mini assists with supported invoice extraction and validated finding explanations. It does not become the system of record or calculate the shop’s financial totals.
Stripe
Hosts checkout and billing management and stores complete payment-card details. ShopBrain stores only customer, subscription, and status references needed for access.
Protecting application and server credentials
Enforcing workspace and role boundaries
Verifying signed Stripe webhooks
Keeping private files behind authorization
Flagging uncertain data for review
Who can access the workspace
Which vendors may send purchasing email
Which source credentials are connected
Whether uncertain imports and matches are approved
Which recommendations the business acts on
Start with every feature, every location, and unlimited usage. Connect real operating evidence and decide for yourself during a 30-day Full Access trial.
Cancel before the trial ends to avoid the first charge.