Skip to content

Security: apuslabs/BuildEcho

Security

SECURITY.md

Security Policy

BuildEcho is early and should be treated as experimental.

Human Approval Boundary

BuildEcho may generate drafts, reports, and recommendations. It must not publish, reply, mention users, or contact communities without explicit human approval.

Sensitive Data

Do not commit:

  • API keys
  • OAuth tokens
  • Social media session cookies
  • Private repository contents
  • Private user feedback
  • Analytics exports containing personal data

Reporting Issues

If you find a security issue, please open a private advisory if the repository supports it, or contact the maintainers privately. Do not publish exploit details before maintainers have had time to respond.

Early Scope

The first versions should prefer local, repo-native workflows over autonomous publishing or browser automation.

There aren't any published security advisories