If you discover a security vulnerability in CARA, please report it responsibly. Do not open a public GitHub issue for security vulnerabilities.
Please send an email to [email protected] with the following information:
- A description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes or mitigations (if you have them)
- Your preference for being credited (if applicable)
This security policy applies to:
- Security vulnerabilities in the CARA application code
- Security issues in dependencies that affect CARA
- Data privacy or security concerns
This policy does not cover:
- Feature requests
- General bug reports (please use regular GitHub issues)
- Questions about usage or configuration
CARA is provided "as is" without any warranty. I am not responsible for any issues, security vulnerabilities, or damages that may arise from the use of this software.
Thank you for helping keep CARA and its users safe!