| Version | Supported |
|---|---|
| 1.0.x | ✅ |

If you discover a security vulnerability, please email us at: security@cosotech.team

Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)

We will respond within 48 hours and work to resolve the issue promptly.

This project implements:
- Content Security Policy (CSP)
- HTTP Security Headers
- Input sanitization
- XSS protection
- HTTPS enforcement
- No sensitive data stored client-side
- Never commit sensitive data (API keys, passwords)
- Keep dependencies updated
- Report suspicious activity
- Use HTTPS only