We currently support the latest stable version of PromptShell. Users are encouraged to always update to the most recent version to benefit from security patches and improvements.

If you discover a security vulnerability in PromptShell, please help us keep the project and its users safe by following these steps:

1. Do not open public issues for security vulnerabilities.
2. Privately report the vulnerability by emailing the maintainer.
3. Include the following in your report:
   • A detailed description of the vulnerability.
   • Steps to reproduce the issue.
   • Potential impact.
   • Suggested fixes, if available.

We aim to respond to vulnerability reports within 5 business days and will work with you to resolve the issue promptly.

• Do not run PromptShell as root unless absolutely necessary.
• Only use PromptShell in trusted environments.
• Be cautious when prompting with sensitive data or executing dynamic commands.
• Review and audit any third-party models or plugins used within PromptShell.

We support and encourage responsible disclosure. If you responsibly disclose a vulnerability, we will:

• Acknowledge your contribution.
• Provide credit in the changelog (if desired).

• GitHub Security Best Practices

Thank you for helping make PromptShell safer and more reliable!