Skip to content

Security: TechAlchemistX/secretenv

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Please report security vulnerabilities privately to security@secretenv.io. Do not open public GitHub issues for security vulnerabilities.

We aim to acknowledge reports within 48 hours and provide an initial assessment within 5 business days. Researchers who follow responsible disclosure will be credited in release notes.

Scope and Threat Model

secretenv is a workflow product that eliminates a class of workflow-driven security failures. It is not a cryptographic or access-control product. For the full scope (including what we protect against, what we explicitly do not, and how the threat model compares to adjacent tools), see docs/security.md.

Supported Versions

Security patches are provided for the latest minor release. Older minor versions are not patched; upgrade to the current release for fixes.

There aren't any published security advisories