Security

SECURITY.md

Security Policy

Supported Versions

We release patches for security vulnerabilities. Currently supported versions:

Version	Supported
0.1.x	✅

Reporting a Vulnerability

If you discover a security vulnerability within Claude Organize, please:

DO NOT open a public issue
Email the maintainer at [rama@procsolve.com) with details
Include steps to reproduce if possible

What to expect:

Response Time: We aim to respond within 48 hours
Updates: We'll keep you informed about the progress
Disclosure: We'll coordinate disclosure with you
Credit: We'll acknowledge your contribution (unless you prefer to remain anonymous)

Security Best Practices

When using Claude Organize:

Environment Variables: Never commit .env files containing sensitive data
API Keys: Store API keys securely, never in code
File Permissions: Ensure proper file permissions on configuration files
Updates: Keep Claude Organize updated to the latest version

Security Features

Claude Organize includes several security features:

Skips sensitive files by default (.env, .pem, .key, etc.)
No network requests except to Claude AI API
No file execution permissions
Read-only analysis of file content
Strict file path validation

Dependencies

We regularly update dependencies to patch known vulnerabilities. Run npm audit to check for vulnerabilities in your installation.

There aren’t any published security advisories