Skip to content

Security: buildoak/gaal

Security

SECURITY.md

Security Policy

Gaal reads local AI agent session logs and can index sensitive local context, including prompts, commands, file paths, and transcript fragments. Treat Gaal databases, exported reports, handoffs, and package fixtures as potentially sensitive unless you have reviewed them.

Reporting a Vulnerability

Please report suspected security issues privately through GitHub Security Advisories for buildoak/gaal, or email buildoak@proton.me if advisories are not available.

Do not include private session logs or secrets in public issues. Share the minimal reproduction, affected version, platform, and impact. Reports are handled on a best-effort basis.

There aren't any published security advisories