| Version | Supported |
|---|---|
| 0.1.x | Yes (active beta) |
| < 0.1 | No |
Report security vulnerabilities by email to atharva.patil.cg@gmail.com.
Do not open public GitHub issues for security vulnerabilities.
Include the following in your report:
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact
- Suggested fix (if any)
We will acknowledge receipt within 48 hours and provide a timeline for resolution.
- Deterministic analysis — All analysis is reproducible. No randomness affects results.
- Safe extraction — Extractors never execute extracted content.
- Sandboxed evaluation — Rule evaluation is isolated from the execution environment.
- No network calls — The analysis pipeline makes zero network requests.
- Offline-first — Everything works without network access. No telemetry by default.
- Immutable outputs — All analysis results are frozen at construction.
- AI as consumer — AI explanations are read-only and never affect analysis results.