Only the latest published version on npm receives security updates.
| Version | Supported |
|---|---|
Latest published pandect@x.y.z |
yes |
| Earlier versions | no |
Please do not file public GitHub issues for vulnerabilities.
Instead, open a private security advisory at https://github.com/cleanmcp/pandect/security/advisories/new and include:
- A description of the issue
- Reproduction steps
- The npm version affected
- Your proposed fix (optional)
We aim to acknowledge new reports within 72 hours.
pandect is a CLI that:
- Reads
.mdfiles bundled inside the npm package - Writes one
.mdfile to the current working directory
It does not:
- Make network requests at runtime (the package is fully self-contained —
npxdownloads it once) - Execute any of the rulebook contents (rulebooks are inert markdown)
- Read or modify files outside the current working directory (other than the bundled rulebooks inside
node_modules/pandect/rulebooks/) - Have any runtime dependencies
The realistic risks are:
- A malicious version of
pandectis published. Mitigated by npm provenance attestation (every published version is signed via Sigstore and tied to the cleanmcp/pandect GitHub Actions workflow). Verify withnpm view pandect dist.signatures. - A rulebook recommends a malicious dependency. Each rulebook cites its dependencies' published versions on the day of generation. Always run
npm audit/cargo audit/pip-auditafter applying a rulebook. - A typosquat package on npm. The official package is
pandect— no scopes, no variants. If you seepandec,pendect,@something/pandect, etc., it's not us.
We follow coordinated disclosure: once a fix is published, we'll publicly credit the reporter (unless they prefer to remain anonymous) and document the issue in the GitHub security advisory.