Skip to content

Security: vetcoders/codescribe

Security

SECURITY.md

Security Policy

Supported Versions

CodeScribe follows rolling support for the latest stable source and public release line.

Version Supported
0.12.x Yes
< 0.12 No

Reporting a Vulnerability

If you discover a security issue, please do not open a public issue.

Use one of these private channels:

  • Email: security@vetcoders.io
  • Fallback: hello@vetcoders.io

Please include:

  • Affected version
  • Reproduction steps
  • Impact assessment
  • Any suggested mitigation

Response Targets

  • Initial acknowledgment: within 2 business days
  • Triage decision: within 5 business days
  • Fix timeline: shared after triage
  • Public disclosure: after mitigation is available

Disclosure Process

  1. We acknowledge and triage the report.
  2. We reproduce and classify severity.
  3. We implement and validate a fix.
  4. We publish release notes and attribution (if requested).

Scope Notes

For local-first workflows, this project handles:

  • Microphone/audio capture
  • Local model execution
  • Optional API traffic to configured LLM providers

Please include provider and endpoint details in your report when relevant.

There aren't any published security advisories