If you discover a security vulnerability, please report it responsibly:
- Do NOT open a public issue
- Open a GitHub Security Advisory on this repo
- Or contact the maintainer directly
- Acknowledgment: Within 72 hours of report
- Status update: Within 7 days with initial assessment
- Resolution: We aim to release a fix within 30 days for confirmed vulnerabilities
Only the latest version receives security updates.
- No credentials or API keys are stored in this repository
- Install scripts write only to user-level directories (
~/.claude/) - Python dependencies install in isolated virtual environments