If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, please email: kogunlowo@gmail.com
Include the following in your report:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You will receive an acknowledgment within 48 hours and a detailed response within 7 days.
This project follows these security practices:
- Dependencies are regularly reviewed and updated
- Secrets and credentials are never committed to the repository
- Input validation and sanitization are applied where applicable
- API keys and tokens are managed via environment variables
- Cloud credentials follow least-privilege IAM principles
- Cost data access is scoped and audited
| Version | Supported |
|---|---|
| Latest | ✅ |
We follow a coordinated disclosure process. Please allow us reasonable time to address any reported vulnerabilities before public disclosure.