Security Policy

Supported Versions

We provide security updates for the latest main branch and the latest tagged release.

If you discover a security vulnerability in transcriptd, please report it privately. Do not create a public GitHub Issue.

To report a vulnerability, please use GitHub Security Advisories:

Alternatively, you can email [email protected] directly.

Please include:

Acknowledgment: We aim to acknowledge receipt of your vulnerability report within 48 hours.
Triage: We aim to complete initial triage within 7 days.
Disclosure: We will coordinate with you on public disclosure after a fix has been rolled out.

In Scope:

The core transcriptd daemon, CLI, and TUI implementation in this repository
The MCP server implementation (src/mcp.rs)
The extraction adapters (crates/transcriptd-*)
Inter-process communication logic (src/ipc.rs)
Vulnerabilities in the shipped GitHub Actions CI pipelines (e.g. supply chain attacks)

Out of Scope:

Vulnerabilities in the underlying IDEs (Zed, VS Code, Claude Code)
Issues arising from local machine compromise (e.g. if root access was gained independently, the attacker can already read the AI databases directly)
Features marked explicitly as experimental or prototype without production intent
Unofficial forks or third-party builds

When investigating transcriptd, please be mindful of these areas:

Paths and symlinks: Extractors must not follow malicious symlinks or allow path traversal outside the user's workspace.
Daemon exposure: The MCP HTTP endpoint and Unix domain socket must not inadvertently expose sensitive transcript data across OS user boundaries.
XSS in TUI: Though terminal-based, maliciously crafted input from AI platforms should not lead to terminal escape sequence execution.
SQL Injection: Though we use parameter binding in transcriptd-store, LIKE / GLOB bounds in FTS queries should remain strictly sanitized.