If you discover a security vulnerability in TypeWhisper, please report it responsibly.
Do not open a public issue. Instead, email security concerns to: security@typewhisper.com
You can also use GitHub's private vulnerability reporting.
We will acknowledge your report within 48 hours and aim to provide a fix within 7 days for critical issues.
TypeWhisper handles sensitive data including:
- Microphone audio
- API keys (stored in macOS Keychain)
- AppleScript automation (browser URL detection)
- Local HTTP API server
Issues in these areas are especially relevant.
| Version | Supported |
|---|---|
| Latest release | Yes |
| Older versions | No |