Skip to content

Security: avalonreset/seo-dungeon

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly:

  1. Do NOT open a public issue
  2. Open a GitHub Security Advisory on this repo
  3. Or contact the maintainer directly

Response Timeline

  • Acknowledgment: Within 72 hours of report
  • Status update: Within 7 days with initial assessment
  • Resolution: We aim to release a fix within 30 days for confirmed vulnerabilities

Supported Versions

Only the latest version receives security updates.

Security Practices

  • No credentials or API keys are stored in this repository
  • The WebSocket bridge runs locally and does not expose ports externally
  • The bridge only spawns local codex exec --json processes

There aren't any published security advisories