If you discover a security vulnerability in BubblesAI, please report it by opening an issue on GitHub or contacting the project owner directly via Discord (@BubblesTheDev in #bubbles-ai-gpt).

We encourage responsible disclosure. Please do not publicly disclose vulnerabilities until they have been addressed.

• No local data storage: BubblesAI does not store chat history or sensitive information on your device.
• API keys are stored locally and never transmitted to third parties except the selected AI provider.
• All communications with AI providers use secure HTTPS connections.

All dependencies are regularly updated to minimize security risks. If you notice an outdated or vulnerable package, please notify the maintainers.

• Discord: BubblesAI Support
• GitHub Issues: BubblesTheDev/BubblesAI