| Version | Supported |
|---|---|
| 1.0.x | Yes |
| < 1.0 | No |
If you discover a security vulnerability, please report it responsibly.
- Do NOT open a public GitHub issue
- Email: security@prometheus-loop.dev
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Assessment: Within 1 week
- Resolution: Within 30 days for critical issues
- Credit: You will be credited in the changelog (unless you prefer anonymity)
- All dependencies are scanned for vulnerabilities
- Code is reviewed before merging
- Secrets are never committed to the repository
- Plugin signatures are verified
- Plugins run in sandboxed environments
- Plugin permissions are explicitly declared
- No user data is collected without consent
- All data transmission is encrypted
- Sensitive data is never logged
Security updates are released as soon as possible. Subscribe to security advisories on GitHub for notifications.
No known vulnerabilities at this time.