codeGROOVE-dev
diff --git a/‎README.md‎
Lines changed: 7 additions & 6 deletions b/‎README.md‎
Lines changed: 7 additions & 6 deletions
diff --git a/‎cache.go‎
Lines changed: 14 additions & 1 deletion b/‎cache.go‎
Lines changed: 14 additions & 1 deletion
@@ -4,15 +4,16 @@
 [![Go Report Card](https://goreportcard.com/badge/github.com/codeGROOVE-dev/bdcache)](https://goreportcard.com/report/github.com/codeGROOVE-dev/bdcache)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
-Simple, fast, reliable Go cache with [S3-FIFO eviction](https://s3fifo.com/) - better hit rates than LRU.
+Simple, fast, secure Go cache with [S3-FIFO eviction](https://s3fifo.com/) - better hit rates than LRU.
 
 ## Why?
 
 - **S3-FIFO Algorithm** - [Superior cache hit rates](https://s3fifo.com/) compared to LRU/LFU
-- **Fast** - ~19ns per operation, zero allocations
+- **Fast** - ~20ns per operation, zero allocations
+- **Secure** - Hardened input validation, no path traversal
 - **Reliable** - Memory cache always works, even if persistence fails
-- **Smart Persistence** - Local files for dev. Cloud Datastore for Cloud Run
-- **Minimal Dependencies** - Only one optional dependency (Cloud Datastore)
+- **Smart Persistence** - Local files for dev, Cloud Datastore for Cloud Run
+- **Minimal Dependencies** - Only one (Cloud Datastore)
 
 ## Install
 
@@ -48,8 +49,8 @@ cache, err := bdcache.New[string, User](ctx, bdcache.WithBestStore("myapp"))
 ## Performance
 
 ```
-BenchmarkCache_Get_Hit-16      66M ops/sec    18.5 ns/op    0 allocs
-BenchmarkCache_Set-16          61M ops/sec    19.3 ns/op    0 allocs
+BenchmarkCache_Get_Hit-16      63M ops/sec    19.9 ns/op    0 allocs
+BenchmarkCache_Set-16          57M ops/sec    20.8 ns/op    0 allocs
 ```
 
 ## License
 
@@ -1,3 +1,4 @@
+// Package bdcache provides a high-performance cache with S3-FIFO eviction and optional persistence.
 package bdcache
 
 import (
@@ -84,7 +85,7 @@ func (c *Cache[K, V]) warmup(ctx context.Context) {
 
 // Get retrieves a value from the cache.
 // It first checks the memory cache, then falls back to persistence if available.
-func (c *Cache[K, V]) Get(ctx context.Context, key K) (V, bool, error) {
+func (c *Cache[K, V]) Get(ctx context.Context, key K) (value V, found bool, err error) {
 	// Check memory first
 	if val, ok := c.memory.get(key); ok {
 		return val, true, nil
@@ -96,6 +97,13 @@ func (c *Cache[K, V]) Get(ctx context.Context, key K) (V, bool, error) {
 		return zero, false, nil
 	}
 
+	// Validate key before accessing persistence (security: prevent path traversal)
+	if err := c.persist.ValidateKey(key); err != nil {
+		slog.Warn("invalid key for persistence", "error", err, "key", key)
+		var zero V
+		return zero, false, nil
+	}
+
 	// Check persistence
 	val, expiry, found, err := c.persist.Load(ctx, key)
 	if err != nil {
@@ -156,6 +164,11 @@ func (c *Cache[K, V]) Delete(ctx context.Context, key K) {
 
 	// Remove from persistence if available
 	if c.persist != nil {
+		// Validate key before accessing persistence (security: prevent path traversal)
+		if err := c.persist.ValidateKey(key); err != nil {
+			slog.Warn("invalid key for persistence delete", "error", err, "key", key)
+			return
+		}
 		if err := c.persist.Delete(ctx, key); err != nil {
 			// Log error but don't fail - graceful degradation
 			slog.Warn("persistence delete failed", "error", err, "key", key)