Skip to content

Share-link scopes

When you generate a share link for a project, AI4Meta asks you to choose one of three scopes. The scope controls exactly what the recipient can see. The scope is bound into the link itself; a reviewer cannot escalate to a higher scope without you issuing a new link.

This page lists, explicitly and in detail, what each scope reveals and conceals.

Results only

Designed for: press releases, public previews, conference invitations, funder updates.

| Visible | Hidden | |---------|--------| | Project title, abstract, headline conclusion | Search strategy and database queries | | Pooled effect size, CI, heterogeneity stats | Codebook (variable definitions) | | Forest plot (figure) | Per-paper screening decisions | | Funnel plot (figure) | Per-paper extraction cells | | PRISMA flow counts (numbers only, no per-paper detail) | Risk-of-bias judgments | | Manuscript draft (read-only) | Reviewer comments and conflicts | | GRADE summary of findings table | Raw imported references |

A reviewer at Results only scope can quote your headline conclusion. They cannot rebuild your project from what they see.

Methodology

Designed for: journal peer review (this is the default and almost always the right choice).

| Visible | Hidden | |---------|--------| | Everything in Results only | Per-paper screening decision history | | Search strategy and database queries | Per-paper extraction cells (raw values) | | Inclusion / exclusion criteria | Reviewer-level disagreements and conflicts | | PICO framework | Coder identities and audit trail | | Codebook (variable definitions, units, scales) | Free-form notes and inline annotations | | PRISMA flow with per-stage counts | Project-member email addresses | | Risk-of-bias summary table (aggregate) | | | Sensitivity-analysis specifications | |

A reviewer at Methodology scope can answer the standard journal-review questions ("what databases did you search? what was your inclusion criterion? how did you assess risk of bias?") without seeing the per-paper decisions that make replication trivial.

Full audit

Designed for: trusted co-authors, formal methodology audits, replication studies.

| Visible | Hidden | |---------|--------| | Everything in Methodology | Project-member personal contact info | | Per-paper screening decisions and timestamps | Internal billing / subscription metadata | | Per-paper extraction cells (raw values, source quotes) | | | Reviewer-level conflicts and resolutions | | | Coder identities (pseudonymized by default; togglable) | | | Risk-of-bias judgments per paper | | | Audit log of who-did-what-when | | | Free-form notes and inline annotations | |

A reviewer at Full audit scope effectively sees a read-only mirror of the project. Issue this scope only to people you would also list as co-authors or who are conducting a formal third-party audit.

How to choose

A short decision tree:

  1. Are you sharing for a journal peer review?Methodology. This is what reviewers expect to see and is rarely insufficient.
  2. Are you sharing for a methodology audit (e.g., a reviewer asked specifically about coder agreement, or a journal's stats editor wants to verify your risk-of-bias process)? → Full audit. The auditor needs the per-paper detail; Methodology will not contain enough.
  3. Are you sharing for a press release or public preview (university comms team, funder update, conference talk)? → Results only. The audience does not need methodology and you should not give it to them by default.
  4. Are you sharing for a formal collaboration with a co-author who needs full edit access?Do not use a share link. Add them as a project member instead (Settings → Team). Share links are read-only by design.

Link lifetime, revocation, and tracking

Every share link has:

  • An expiration date you set when creating the link (default: 30 days). Expired links return a 410 Gone error.
  • A revocation switch in Settings → Sharing. Click Revoke and the link stops working immediately.
  • An access log showing every fetch of the link: timestamp, IP, and user-agent. The log persists even after the link is revoked.

Revoking a link does not retroactively erase what a reviewer has already viewed. It does, however, end further access, which is what you want when you suspect misuse. Pair revocation with a screenshot of the access log if you intend to escalate.

What share links never reveal

Independent of scope, share links never reveal:

  • Your account email or password
  • Other projects in your workspace
  • Billing or subscription metadata
  • Server-side audit fields (admin notes, abuse flags)
  • The raw OpenTimestamps proof bundles (those are downloaded explicitly from Settings → Provenance; see proof of priority)

If you discover a share link revealing any of the above, this is a security bug and you should report it to support immediately.