Security

SECURITY.md

Security Policy

Supported scope

This repository is a local Python CLI planning tool. Security reports should focus on:

Unsafe local file handling
Command execution risks
Dependency vulnerabilities
Data exposure through logs or persisted state

Reporting a vulnerability

Please do not open public issues for security-sensitive reports.

Instead:

Open a private GitHub security advisory if available
Or contact maintainers through private repository contact channels

Include:

A clear description of the issue
Reproduction steps
Impact assessment
Suggested remediation if available

Disclosure process

Maintainers will acknowledge reports, triage severity, and coordinate remediation before public disclosure when possible.

There aren’t any published security advisories