Security Policy
Supported Versions
| Version | Supported |
|---|
| Latest | Yes |
Reporting a Vulnerability
If you discover a security vulnerability in prompts.chat, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, please report vulnerabilities by emailing [email protected].
Include the following in your report:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
CVE Coordination
We coordinate the CVE identification and disclosure process with the GitHub Security team. Confirmed
vulnerabilities will be tracked through GitHub Security Advisories, and CVE IDs will be requested
and assigned as appropriate.
Scope
The following are out of scope:
- Denial of service attacks
- Social engineering
- Issues in third-party dependencies (report these upstream)
- Attacks requiring physical access
Disclosure Policy
We ask that you give us reasonable time to address the issue before any public disclosure. We are
committed to working with security researchers and will credit reporters (unless anonymity is
preferred) once the issue is resolved.
Thank You
We appreciate the security research community's efforts in helping keep prompts.chat and its users
safe.