We actively support the following versions of Prompt Registry with security updates:
| Version | Supported |
|---|---|
| 0.0.x | ✅ |
Once we reach 1.0.0, we will follow this policy:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
We take security vulnerabilities seriously. If you discover a security issue, please help us by responsibly disclosing it.
Please DO NOT open a public GitHub issue for security vulnerabilities.
Instead, report security issues through one of these channels:
- **GitHub Security Advisories (Preferred)**
  - Go to the Security tab in the repository
  - Click "Report a vulnerability"
  - Fill out the form with details
- **Private Disclosure**
  - Create a private security advisory
  - Include detailed information about the vulnerability
  - We will respond within 48 hours
Please provide:
- Type of vulnerability (e.g., XSS, path traversal, injection)
- Location (file, line number, or component)
- Step-by-step reproduction (how to trigger the issue)
- Potential impact (what can an attacker do?)
- Suggested fix (if you have one)
- Your contact information (for follow-up questions)
**Vulnerability Type**: Path Traversal
**Location**: src/services/BundleInstaller.ts:42
**Severity**: High
**Description**:
The bundle installation function does not properly validate bundle IDs,
allowing path traversal via specially crafted bundle IDs.
**Reproduction**:
1. Install a bundle with ID: `../../etc/passwd`
2. The installer writes files outside the intended directory
**Impact**:
Attackers could write files to arbitrary locations on the file system.
**Suggested Fix**:
Validate bundle IDs against a whitelist of allowed characters:
`/^[a-zA-Z0-9_-]+$/`

- Acknowledgment: Within 48 hours
- Initial Assessment: Within 1 week
- Fix Development: Depends on severity
- Patch Release: As soon as fix is tested
- Public Disclosure: After patch is available
We use the following severity levels:
| Severity | Description | Response Time |
|---|---|---|
| Critical | Remote code execution, full system compromise | 24-48 hours |
| High | Privilege escalation, data exfiltration | 1 week |
| Medium | DoS, limited data exposure | 2-4 weeks |
| Low | Minor information disclosure | Next release |
- Confirmation: We'll confirm receipt and assess severity
- Updates: Regular updates on fix progress
- Credit: Public acknowledgment in release notes (if desired)
- CVE: We'll request a CVE for significant vulnerabilities
- Coordination: We'll coordinate disclosure timeline with you
- **Keep Updated**
  - Enable automatic updates in VS Code
  - Check for updates regularly
  - Review release notes for security fixes
- **Trust Sources**
  - Only install bundles from trusted sources
  - Review bundle manifests before installation
  - Be cautious with custom HTTP sources
- **Protect Tokens**
  - Never commit GitHub tokens to version control
  - Use GitHub CLI for authentication when possible
  - Revoke unused tokens
- **Review Permissions**
  - Understand what the extension can access
  - Check file system operations in logs
  - Monitor installed bundles
- **Validate Input**
  - Sanitize all user input in prompts
  - Validate file paths
  - Check data types
- **Secure Manifests**
  - Use HTTPS URLs only
  - Include integrity hashes
  - Specify exact versions for dependencies
- **Minimal Permissions**
  - Request only necessary permissions
  - Document why permissions are needed
  - Avoid broad file system access
The extension uses VS Code WebViews to display the marketplace UI. We implement the following protections:
- Content Security Policy (CSP): Restricts script execution
- Input Sanitization: User data is escaped before display
- Message Validation: All messages between WebView and extension are validated
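The "Input Sanitization" and "Message Validation" bullets above describe two checks that sit on the boundary between the WebView and the extension host. The following is an added example written for this policy, not code from the Prompt Registry project: an HTML escaper for user-supplied text that is rendered into the WebView, and a validator that accepts only the message shapes the extension expects. The `install`/`search` command names and the length limits are assumptions for the example, not the extension's real protocol.

```typescript
// Added example (not the project's own code): escape user text before it is
// rendered in the WebView, and validate messages arriving from the WebView
// before the extension host acts on them.

// Map of the five characters that change meaning inside HTML text or
// attribute values. '&' must be escaped first, which the single regex
// pass below guarantees since each character is replaced exactly once.
const HTML_ESCAPES: Record<string, string> = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Escape a string for safe insertion into WebView HTML (text or attributes).
export function escapeHtml(s: string): string {
  return s.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Assumed message protocol for the example: the WebView may only ask the
// extension to install a bundle by ID or to run a marketplace search.
export type WebviewMessage =
  | { command: "install"; bundleId: string }
  | { command: "search"; query: string };

// Assumed limits so that a hostile page cannot push arbitrarily large strings
// through the bridge.
const MAX_BUNDLE_ID_LENGTH = 128;
const MAX_QUERY_LENGTH = 256;

// Turn an untrusted `postMessage` payload into a typed message, or null.
// A fresh object is returned rather than the raw payload, so any extra
// properties the WebView attached are dropped and never reach the host.
export function parseWebviewMessage(raw: unknown): WebviewMessage | null {
  if (typeof raw !== "object" || raw === null) return null;
  const msg = raw as Record<string, unknown>;

  switch (msg.command) {
    case "install": {
      const bundleId = msg.bundleId;
      if (typeof bundleId !== "string") return null;
      if (bundleId.length === 0 || bundleId.length > MAX_BUNDLE_ID_LENGTH) return null;
      return { command: "install", bundleId };
    }
    case "search": {
      const query = msg.query;
      if (typeof query !== "string" || query.length > MAX_QUERY_LENGTH) return null;
      return { command: "search", query };
    }
    default:
      // Unknown or missing command: reject rather than forward.
      return null;
  }
}
```

In the extension host this validator would wrap the `webview.onDidReceiveMessage` handler, so that a message that does not parse is logged and ignored instead of dispatched; the escaper is applied at the point where bundle names or descriptions are interpolated into the WebView's HTML.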
Bundle installation involves file system operations:
- Path Validation: All paths are normalized and validated
- Base Directory Restrictions: Operations limited to extension storage
- Symlink Handling: Graceful fallback to copy on failure
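The example report earlier on this page (path traversal through a bundle ID such as `../../etc/passwd`, fixed with a character whitelist) and the "Path Validation" and "Base Directory Restrictions" bullets above describe the same defence from two sides. The following is an added example written for this policy, not code from `BundleInstaller.ts` or any other part of the project; it applies the whitelist from the report's suggested fix and then checks that the resolved path still lies inside the base directory. The function names and the `/ext/storage` base directory are assumptions for the example.

```typescript
// Added example (not the project's own code): reject hostile bundle IDs and
// confine every resulting file system path to the extension's base directory.
import * as path from "path";

// Whitelist from the suggested fix in the example report: letters, digits,
// '-' and '_'. Dots and separators are excluded, so "../x" can never match.
const BUNDLE_ID_PATTERN = /^[a-zA-Z0-9_-]+$/;

export function isValidBundleId(id: string): boolean {
  return BUNDLE_ID_PATTERN.test(id);
}

// True if `candidate` (absolute or relative to baseDir) resolves to baseDir
// itself or to a path beneath it. This is the "Base Directory Restrictions"
// check and is independent of the whitelist: it also covers file names taken
// from a bundle manifest, which are not subject to the ID pattern.
export function isInsideBase(baseDir: string, candidate: string): boolean {
  const root = path.resolve(baseDir);
  const target = path.resolve(root, candidate);
  // path.relative normalizes both sides, so "..", symlink-free traversal and
  // prefix tricks like "/ext/storage2" all surface as a leading ".." segment.
  const rel = path.relative(root, target);
  if (rel === "") return true;                       // the base itself
  if (rel === ".." || rel.startsWith(".." + path.sep)) return false;
  if (path.isAbsolute(rel)) return false;             // other drive on Windows
  return true;
}

// Resolve where a bundle would be installed, or null if the ID is rejected
// by the whitelist or the resolved path would escape baseDir.
export function resolveInstallPath(baseDir: string, bundleId: string): string | null {
  if (!isValidBundleId(bundleId)) return null;
  const target = path.resolve(baseDir, bundleId);
  return isInsideBase(baseDir, target) ? target : null;
}
```

The two checks are deliberately layered: the whitelist is what makes the report's `../../etc/passwd` ID fail, and `isInsideBase` is what stops a manifest entry such as `../../.bashrc` from being written even though it never passes through the ID pattern. Note that `path.resolve` does not follow symlinks; a bundle that creates a symlink inside the base directory still needs the installer's symlink handling, which is why the page lists that as a separate item.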
The extension makes network requests to registry sources:
- HTTPS Only: All GitHub/GitLab APIs use HTTPS
- Certificate Validation: Standard Node.js certificate validation
- No Credential Storage: Tokens retrieved from VS Code settings or GitHub CLI
GitHub and GitLab tokens are handled securely:
- No Hardcoding: Tokens never hardcoded in source
- VS Code Settings: Stored in user settings (encrypted by VS Code)
- GitHub CLI: Uses system keychain when available
- No Logging: Tokens never logged or exposed in errors
This project undergoes regular security audits:
- Last Audit: November 4, 2025
- Audit Report: SECURITY_AUDIT.md
- Status: ✅ Passed
Key findings:
- ✅ No XSS vulnerabilities
- ✅ No path traversal risks
- ✅ No command injection
- ✅ Proper secret management
- ✅ Input validation in place
We monitor dependencies for vulnerabilities:
- npm audit: Run regularly
- Dependabot: Enabled for automatic updates
- Security Advisories: Monitored via GitHub
To check dependencies:

```bash
npm audit
npm audit fix
```

For security-related questions or concerns:
- Security Advisories: Use GitHub Security tab
- General Questions: Open a discussion (non-sensitive topics only)
- Private Concerns: Use GitHub's private reporting feature
We follow coordinated disclosure:
- Reporter notifies us privately
- We confirm and assess the issue
- We develop and test a fix
- We release a patch
- We publicly disclose details (with credit to reporter)
- Critical/High: 7-14 days after patch
- Medium: 30 days after patch
- Low: 90 days after patch
We may request more time for complex issues. Reporters will be notified of any delays.
We recognize security researchers who responsibly disclose vulnerabilities:
No security reports yet - help us keep it that way!
Subscribe to security updates:
- Watch Repository: Click "Watch" → "Custom" → "Security alerts"
- Release Notes: Check for security sections in releases
- GitHub Advisories: Follow the Security tab
We will not pursue legal action against security researchers who:
- Make a good faith effort to follow this policy
- Do not access or modify user data without permission
- Do not exploit vulnerabilities beyond proof-of-concept
- Report vulnerabilities promptly
We do not currently offer a bug bounty program. However, we deeply appreciate security contributions and will publicly credit researchers who help improve our security.
If you have questions about this security policy, please:
- Open a GitHub Discussion for general questions
- Use private disclosure for sensitive security concerns
- Check existing security advisories
Last Updated: November 4, 2025
Policy Version: 1.0
Thank you for helping keep Prompt Registry and its users safe! 🔒