Security

SECURITY.md

Security Policy

Supported Versions

We maintain the latest main branch. Please open a security advisory for critical issues.

Reporting a Vulnerability

Email: [email protected]
Subject: [SECURITY]
Include: reproduction steps, impact assessment, affected files/versions.

We will acknowledge within 72 hours and provide remediation timelines.

Data & Compliance

Supabase with RLS enforced for sensitive data
No OpenAI or third-party AI calls
Analytics consent-based

Responsible Disclosure

Please do not disclose publicly until a fix is released.

There aren’t any published security advisories