Please do not report security vulnerabilities through public GitHub issues.

Instead, please report vulnerabilities through one of the following channels:

1. GitHub Security Advisory -- use the "Report a vulnerability" button on the Security Advisories page.
2. Email -- send details to the maintainers at the email address listed in the repository profile.

• Description of the vulnerability
• Steps to reproduce
• Affected versions
• Potential impact
• Suggested fix (if any)

• Acknowledgment -- within 48 hours
• Initial assessment -- within 5 business days
• Fix and disclosure -- coordinated with reporter; aim for 30 days

MemMe is designed as a local-first, edge-deployed memory engine. Its security model reflects this:

• All data is stored in a local .db file on the user's device.
• No data is sent to external servers unless the application explicitly configures a remote embedding or LLM provider.
• The LocalOnly privacy level ensures marked memories are never eligible for sync.

• All database queries use parameterized SQL statements.
• User-supplied values are never interpolated into query strings.

• Per-memory privacy levels: LocalOnly, Syncable, EncryptedSync.
• Four-level scoping (user_id / agent_id / app_id / run_id) provides data isolation between tenants.
• Memory queries are scoped by default -- one user cannot access another user's memories.

• When using external providers (OpenAI, etc.), memory content is sent to those services for processing.
• Users should review provider privacy policies before enabling smart mode or external embeddings.
• The bundled feature and mock providers allow fully offline operation with no external data transmission.

• Dependencies are pinned via Cargo.lock and audited periodically.
• The project uses cargo clippy with -D warnings in CI to catch common issues.