Currently, we provide security updates for these versions:

| Version | Supported |
|---|---|
| 0.0.1 | ✅ |

We take the security of Plan-Linter seriously. If you believe you've found a security vulnerability, please follow these steps:
- Do NOT disclose the vulnerability publicly (no GitHub issues for security vulnerabilities)
- Email us at security@your-organization.com with details about the vulnerability
- Include steps to reproduce, impact, and any potential mitigations you've identified
- We will acknowledge receipt of your report within 48 hours
- We'll provide an initial assessment of the report within 7 days
- We'll work with you to understand and validate the issue
- We'll develop and release a fix according to our severity assessment
- We'll publicly disclose the issue after a fix is available (crediting you if desired)

When using Plan-Linter, we recommend that you:
- Keep Plan-Linter updated to the latest version
- Carefully review policy files before using them in production
- Use dedicated service accounts with appropriate permissions when integrating Plan-Linter
- Regularly audit your agent plans for security issues