| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability in OrbCode, please report it privately.
Do not open a public issue.
Instead, email us at support@matterai.so with:
- A description of the vulnerability
- Steps to reproduce (if applicable)
- Potential impact
- Any suggested fixes or mitigations
We will acknowledge receipt within 48 hours and provide a more detailed response within 5 business days. We ask that you give us a reasonable amount of time to address the issue before disclosing it publicly.
When we receive a security report, we will:
- Confirm the issue and determine its severity
- Develop a fix and test it
- Release a patched version
- Publicly disclose the issue with credit to the reporter (if desired)
- Keep your Node.js version up to date (we support Node.js >= 20)
- Run the plugin only in trusted environments
- Review the proxy settings before enabling
- Report any suspicious behavior immediately