If you discover a security vulnerability in FinBrain MCP, please report it to us privately.
Email: info@finbrain.tech
Please include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Any suggested fixes (if available)
- We will acknowledge receipt of your report within 48 hours
- We will provide a detailed response within 5 business days
- We will keep you informed of the progress toward a fix
- Please do not publicly disclose the vulnerability until we have addressed it
- We will credit you for the discovery (unless you prefer to remain anonymous)
- We will notify you when the fix is released
| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| 0.1.x | ❌ |
When using FinBrain MCP:
- Never commit API keys to version control
- Use environment variables or secrets management for API keys
- Keep the package updated to the latest version
- Review Docker images before deployment