We take security seriously. If you discover a security vulnerability, please report it responsibly.
DO NOT open a public issue for security vulnerabilities.
Instead, please:
- Email: Send details to rudrasarker130@gmail.com with subject "Security Vulnerability Report"
- GitHub Security Advisory: Use GitHub's private vulnerability reporting
- Include:
  - Description of the vulnerability
  - Steps to reproduce
  - Potential impact
  - Suggested fix (if available)
| Timeframe | Action |
|---|---|
| 24-48 hours | Initial response |
| 3-7 days | Vulnerability assessment |
| 7-14 days | Fix development and testing |
| 14-30 days | Coordinated disclosure |
| Version | Supported |
|---|---|
| 0.4.x | Active development |
| < 0.4 | Not supported |
AI Code Trust Validator helps identify:
- SQL injection vulnerabilities
- Command injection risks
- Hardcoded secrets and credentials
- XSS vulnerabilities
- Insecure dependencies
- AI code hallucinations
When using this tool:
- Review all findings before applying fixes
- Run in CI/CD pipelines to catch issues early
- Keep updated to the latest version
- Configure API keys securely (use environment variables)
- Don't commit `.env` files with real credentials
Security: rudrasarker130@gmail.com
GitHub: @rudra496
Thanks for keeping things secure!