Security: dondetir/docuchat-agent_cli

Security Policy

Supported Versions

Version Supported
1.0.x

Security Considerations

Local-First Architecture

DocuChat is designed as a privacy-first, local-only application. All document processing, embeddings, and queries happen on your local machine:

  • No data leaves your machine (unless using cloud LLMs like Gemini)
  • Local databases only (ChromaDB, Neo4j run on localhost)
  • No telemetry or analytics
  • Complete control over your data

Default Credentials

⚠️ IMPORTANT: The default Neo4j password (docuchat123) is for local development only.

For production or shared environments:

  1. Change the Neo4j password immediately:

    docker exec -it docuchat-neo4j cypher-shell -u neo4j -p docuchat123
    # Then run: ALTER CURRENT USER SET PASSWORD FROM 'docuchat123' TO 'your-secure-password';
  2. Update your environment variables:

    export NEO4J_PASSWORD='your-secure-password'
  3. Or update docuchat/config/settings.py to use environment variables:

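    import os

    NEO4J_CONFIG = {
        # Falls back to the development default when NEO4J_PASSWORD is unset.
        "password": os.getenv("NEO4J_PASSWORD", "docuchat123"),
        # ... remaining settings unchanged
    }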
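
The fallback in step 3 still yields docuchat123 whenever NEO4J_PASSWORD is unset. As an added example (not DocuChat's own code), this loader keeps that default for loopback hosts and refuses it anywhere else; NEO4J_URI, load_neo4j_config and InsecureCredentialError are assumed names.

```python
import ipaddress
import os
from urllib.parse import urlparse

DEFAULT_PASSWORD = "docuchat123"        # development default named in this policy
DEFAULT_URI = "bolt://localhost:7687"   # local Bolt endpoint listed in this policy


class InsecureCredentialError(RuntimeError):
    """Raised when the development password would be sent to a non-local host."""


def _is_loopback(host):
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # any DNS name other than localhost
        return False


def load_neo4j_config(env=None):
    """Build Neo4j settings, refusing the default password off-host.

    NEO4J_URI is an assumed variable name; NEO4J_PASSWORD is the one this
    policy uses. An empty NEO4J_PASSWORD is treated as unset.
    """
    env = os.environ if env is None else env
    uri = env.get("NEO4J_URI") or DEFAULT_URI
    password = env.get("NEO4J_PASSWORD") or DEFAULT_PASSWORD
    host = urlparse(uri).hostname or ""
    if password == DEFAULT_PASSWORD and not _is_loopback(host):
        raise InsecureCredentialError(
            f"default Neo4j password refused for non-local host {host!r}; "
            "set NEO4J_PASSWORD"
        )
    return {"uri": uri, "user": "neo4j", "password": password}


if __name__ == "__main__":
    print(load_neo4j_config({}))  # local defaults are accepted
    try:
        load_neo4j_config({"NEO4J_URI": "bolt://10.0.0.5:7687"})
    except InsecureCredentialError as exc:
        print("refused:", exc)
```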

API Keys

If using cloud LLM providers (Gemini, OpenAI, etc.):

  • ALWAYS use environment variables for API keys
  • NEVER commit .env files to version control
  • ✅ Use .env.example as a template only

    # Good
    export GEMINI_API_KEY='your-api-key-here'

    # Bad - Don't hardcode in files
    api_key = "AIza..." # Never do this!

Network Exposure

Default services run on localhost only:

  • ChromaDB: localhost:8000 (not exposed externally)
  • Neo4j: bolt://localhost:7687 (not exposed externally)
  • Ollama: localhost:11434 (not exposed externally)

If you expose these services externally:

  • Enable authentication on all services
  • Use SSL/TLS encryption
  • Configure firewall rules
  • Use strong passwords
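
To confirm the localhost-only binding on a given machine, the listening sockets can be checked against the three ports above. This added example (not part of the project) parses `ss -ltn` output and reports any of those ports bound to a non-loopback address; the function name and the sample output are constructed.

```python
import ipaddress

# Service ports listed in this policy.
DOCUCHAT_PORTS = {8000: "ChromaDB", 7687: "Neo4j Bolt", 11434: "Ollama"}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       4096        127.0.0.1:8000        0.0.0.0:*
LISTEN  0       4096          0.0.0.0:7687        0.0.0.0:*
LISTEN  0       4096             [::]:11434          [::]:*
LISTEN  0       128             [::1]:5432           [::]:*
"""


def exposed_listeners(ss_output):
    """Return (service, address, port) for DocuChat ports not bound to loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in DOCUCHAT_PORTS:
            continue  # not one of the services this policy lists
        host = addr.strip("[]").split("%")[0]  # drop brackets and any %iface scope
        try:
            local_only = ipaddress.ip_address(host).is_loopback
        except ValueError:  # "*" means every interface
            local_only = False
        if not local_only:
            findings.append((DOCUCHAT_PORTS[int(port)], addr, int(port)))
    return findings


if __name__ == "__main__":
    for service, addr, port in exposed_listeners(SAMPLE_SS):
        print(f"{service} is listening on {addr}:{port}, reachable beyond localhost")
```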

Data Storage

DocuChat stores data in:

  • ~/.docuchat/data/ - Application data
  • ~/.docuchat/chroma/ - Vector embeddings
  • Neo4j Docker volume - Graph database

To securely delete all data:

    docuchat reset-all
    docker volume rm docuchat-neo4j-data

Reporting a Vulnerability

We take security seriously. If you discover a security vulnerability, please follow these steps:

1. Do NOT Open a Public Issue

Please do not create a public GitHub issue for security vulnerabilities.

2. Report Privately

Email security details to: security@docuchat.ai

Include:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)
  • Your contact information

3. Response Timeline

  • Initial Response: Within 48 hours
  • Status Update: Within 7 days
  • Fix Timeline: Depends on severity
    • Critical: 1-7 days
    • High: 7-14 days
    • Medium: 14-30 days
    • Low: 30-90 days

4. Disclosure Policy

  • We will acknowledge your report within 48 hours
  • We will provide a detailed response within 7 days
  • We will work with you to understand and resolve the issue
  • We will credit you in the security advisory (unless you prefer anonymity)
  • We request that you do not disclose the vulnerability publicly until we have released a fix

Security Best Practices

For Users

  1. Keep Dependencies Updated

    pip install --upgrade docuchat
  2. Use Strong Passwords

    • Change default Neo4j password
    • Use password managers
    • Enable 2FA on GitHub/cloud accounts
  3. Review Ingested Documents

    • Only ingest trusted documents
    • Be aware of potential malicious content in PDFs
    • Use docuchat reset-data to clear suspicious data
  4. Limit File System Access

    • DocuChat reads files from directories you specify
    • Review folder contents before ingestion
    • Use read-only mounts if possible

For Developers

  1. Code Review

    • All PRs require review before merge
    • Security-sensitive changes require extra scrutiny
    • Use GitHub's security scanning tools
  2. Dependency Management

    • Regular dependency audits with pip-audit
    • Pin critical dependencies in requirements.txt
    • Monitor security advisories
  3. Input Validation

    • Sanitize file paths and user input
    • Validate document formats before processing
    • Use parameterized database queries
  4. Secret Management

    • Never commit secrets to Git
    • Use environment variables for sensitive data
    • Add pre-commit hooks to detect secrets
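
A minimal form of the pre-commit check from item 4, as an added example that is not part of the project: it scans a staged diff for Google-style API keys on added lines and for a staged .env file, while leaving .env.example alone. The function name, rule names and sample diff are constructed for illustration.

```python
import re

# Google-style API keys: "AIza" plus 35 URL-safe characters, a common
# scanner heuristic for the key format this policy abbreviates as "AIza...".
KEY_PATTERN = re.compile(r"AIza[0-9A-Za-z_\-]{35}")
HUNK_HEADER = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)")

FAKE_KEY = "AIza" + "0" * 35  # constructed placeholder, not a real key

# Constructed `git diff --cached -U0` output, not taken from the project.
SAMPLE_DIFF = f"""\
diff --git a/docuchat/config/settings.py b/docuchat/config/settings.py
--- a/docuchat/config/settings.py
+++ b/docuchat/config/settings.py
@@ -9,0 +10,2 @@
+import os
+api_key = "{FAKE_KEY}"
diff --git a/.env b/.env
--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+NEO4J_PASSWORD=example-only
diff --git a/.env.example b/.env.example
--- a/.env.example
+++ b/.env.example
@@ -3,0 +4 @@
+GEMINI_API_KEY=your-api-key-here
"""


def scan_staged_diff(diff_text):
    """Return (path, line, rule) findings; line 0 marks a file-level finding."""
    findings, path, lineno = [], None, 0
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[6:] if line.startswith("+++ b/") else None
            if path and path.rsplit("/", 1)[-1] == ".env":
                findings.append((path, 0, "env-file-staged"))
        elif (match := HUNK_HEADER.match(line)):
            lineno = int(match.group(1))  # first new-file line of this hunk
        elif line.startswith("+") and path:
            if KEY_PATTERN.search(line):
                findings.append((path, lineno, "google-api-key"))
            lineno += 1
    return findings


if __name__ == "__main__":
    for finding in scan_staged_diff(SAMPLE_DIFF):
        print(finding)
```

In a hook, feed the function the output of `git diff --cached -U0` and exit non-zero when the list is not empty.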

Security Features

Current

  • ✅ Local-only processing by default
  • ✅ No telemetry or external data transmission
  • ✅ Environment variable-based configuration
  • ✅ Comprehensive .gitignore for sensitive files
  • ✅ Docker isolation for database services

Planned

  • 🔄 Encrypted document storage (at-rest encryption)
  • 🔄 Audit logging for data access
  • 🔄 Role-based access control (multi-user mode)
  • 🔄 Document classification and DLP policies

Security Audits

DocuChat undergoes regular security reviews:

  • Last Review: October 2025
  • Next Scheduled: January 2026
  • Focus Areas: Dependency vulnerabilities, input validation, credential management

Known Limitations

  1. No Built-in Encryption: Documents are stored unencrypted on disk
  2. No Access Control: Single-user application (no authentication)
  3. No Audit Logs: No tracking of document access or modifications
  4. Container Security: Neo4j runs with default Docker security settings

These are acceptable for a local development tool but should be addressed for enterprise deployment.

Security Contact


Remember: Security is a shared responsibility. If you're unsure about anything, please ask!

There aren't any published security advisories