Security

SECURITY.md

Security Policy

Supported Versions

Project Memory is actively maintained on the main branch.

Reporting A Vulnerability

Please report vulnerabilities privately by emailing:

kloselyc@gmail.com

Include:

affected component(s)
reproduction steps
impact assessment
suggested remediation (optional)

We will acknowledge receipt within 72 hours and coordinate a fix before disclosure.

Scope

This policy covers:

API auth and authorization
secret/config handling
dependency and supply-chain risks
data isolation bugs across users/scopes

There aren’t any published security advisories