Skip to content

Security: ehardisonjr-dev/vault-kosmos

Security

SECURITY.md

Security Policy

Vault Kosmos reads local Markdown folders and visualizes them in a browser UI. Treat vault content as private user data.

Supported Version

The public alpha is supported from the default branch only.

Reporting A Vulnerability

Please open a GitHub issue if the report does not contain private data. If you need to include sensitive details, contact the maintainer first and avoid attaching vault contents.

Security Expectations

  • No telemetry.
  • No automatic upload of vault content.
  • No camera access.
  • No writes into the user's vault.
  • Runtime event history stays inside .runtime/ in the app folder.

Any contribution that changes these properties must explain the reason clearly and update the README privacy model.

There aren't any published security advisories