Currently, only the latest version of OpenSem is supported.

If you discover a security vulnerability, please do NOT open an issue or pull request.

Instead, send an email to: luckybearjl@gmail.com

Please include:

• A description of the vulnerability
• Steps to reproduce the issue
• Affected versions
• Potential impact

We will:

1. Acknowledge receipt of your report within 48 hours
2. Provide a detailed response within 7 days
3. Work with you to fix the vulnerability
4. Announce the security fix once a patch is released

When using these templates in your projects:

1. Review Memory Templates: Always review and customize the memory templates before activating a project
2. Check Permissions: Verify that Claude Code has appropriate permissions
3. Environment Variables: Never commit .env files or API keys
4. Git History: Be cautious when including sensitive information in commits
5. Dependency Updates: Keep dependencies updated for security patches

We follow responsible disclosure practices:

• Confidential reporting and handling of vulnerabilities
• Coordination with reporters to develop fixes
• Public disclosure after a fix is released
• Credit to security researchers in release notes

For more information, see:

• GitHub Security Best Practices
• OWASP Security Guidelines