How does NSPEC verify bugs?
Every finding from the main run is handed to an independent bug-verifier agent. The verifier spins up a fresh browser context (no shared state with the original run), re-executes the repro steps up to three times, and produces a manual-grade confidence score. Anything below "medium" is rejected. Only survivors get filed.
What do I actually get per bug?
A real ticket in your tracker (Jira, Linear, or GitHub Issues) filed over a native MCP connector. The ticket contains title, repro, acceptance criteria, severity, suggested owner, and a full evidence bundle (highlighted screenshot, full-page capture, DOM snapshot, console log, network trace, verifier confidence). The HTML report is a self-contained preview/audit artefact, not the primary delivery channel.
Do you need access to my source code?
No. NSPEC tests the running UI. You give it a URL (and optional login). The only case where we look at your repo is if you opt in to git-diff based risk prioritization · and even then, we read the diff, not the source.
Which viewports and browsers?
Six viewports at launch: desktop 1440, laptop 1280, tablet portrait + landscape, mobile portrait + landscape. Chromium-based headless browser. Firefox and WebKit are on the roadmap.
Can it log in to my app?
Yes. Cookie-based sessions are handled via saved cookie state. Email-password forms are supported. SSO (Google, GitHub OAuth) works in most cases. Enterprise SSO with MFA is on the Enterprise track.
How is noise filtered?
Server-side quality gates reject empty or vague bugs, filter third-party console errors (GA, Sentry, fonts, ad-tech), detect contradictions between agents, and consult project memory for known false positives. Typical runs end with roughly 3% of raw findings surviving to become tickets · the rest is noise you never see.
How does the tracker integration actually work?
NSPEC talks to Jira, Linear, and GitHub over Model Context Protocol (MCP). You authorize the connection once, map severity to priority, and set a default project/repo. After that, every verified bug is filed as a real ticket. Not a CSV, not a webhook, not an email · a ticket.
Can I self-host?
Yes, on the Enterprise plan. Docker and Helm, BYO LLM (OpenAI, Anthropic, or a local model via Ollama). Artefacts never leave your network.
What does a run cost in compute?
A standard-tier run is billed per project per month, not per run (Team plan is $49/project/month with unlimited runs). Enterprise plans include a committed run budget that can be expanded. We don't meter on agent-minutes at the customer level.
How fresh is the test data?
NSPEC runs against whatever the URL serves at the moment of the run. If you want reproducible test data, point NSPEC at a staging environment with a seeded database. We do not maintain a fixture layer between you and your app.
What happens if NSPEC files a false positive?
Mark it as "not a bug" in the tracker (or reply in the NSPEC dashboard). Project memory records it and suppresses the pattern in future runs. Enough false positives on a single agent feed back to us as a signal to improve the verifier.
Does NSPEC replace Playwright / Cypress / my QA team?
Playwright and Cypress are test-authoring tools. NSPEC is a test-execution agent network that doesn't need authored tests · but you can run both happily. As for human QA, NSPEC replaces the flaky parts (regression sweeps, viewport matrices, click-path audits). Exploratory and product-judgment QA still benefits from a human.
How many agents and tools does NSPEC have today?
Eight specialist agent roles today (orchestrator, ui-explorer, component-auditor, responsive-tester, performance-profiler, bug-verifier, test-case-designer, accessibility-reviewer) composed over a shared toolbox of 60+ QA primitives. New agent roles and tools ship most months; the set is designed to grow without breaking existing integrations.
How much does it cost at public launch?
See the full pricing page. Waitlist members get early access before anyone else.
Who's building this?
A small team, currently single operator, based in Ontario, Canada. More people as launch approaches.
How is my data handled?
See the Privacy Policy, the Security page, and (for enterprise) the DPA. Short version: we collect as little as we can and we document what we do collect.