Skip to content

Security: tenequm/pond

.github/SECURITY.md

Security

Pond stores conversation history that may include API keys, secrets, file paths, and other sensitive content. Treat the data directory and any .pond archive as you would a secrets store.

To report a security vulnerability, please use GitHub's private vulnerability reporting rather than a public issue. I will acknowledge within 7 days.

There is no security SLA; pond is pre-v1 and ships under the Apache-2.0 license, without warranty.

There aren't any published security advisories