Skip to content

Security: BuildLayer/ai-react

Security

SECURITY.md

Security Policy

Supported Versions

We provide security updates for the following versions:

Version Supported
0.1.x
< 0.1

Reporting a Vulnerability

If you discover a security vulnerability, please DO NOT create a public issue. Instead:

  1. Email us directly at hi@buildlayer.dev
  2. Include as much detail as possible about the vulnerability
  3. We will respond within 48 hours
  4. We will work with you to resolve the issue

What to Include

When reporting a security vulnerability, please include:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)
  • Your contact information

Response Timeline

  • Initial response: Within 48 hours
  • Status update: Within 7 days
  • Resolution: Depends on severity and complexity

Recognition

We appreciate security researchers who help us improve our security. We will:

  • Acknowledge your contribution (if desired)
  • Credit you in our security advisories
  • Work with you to ensure proper disclosure

Security Best Practices

When using @buildlayer/ai-react:

  • Keep your dependencies updated
  • Use environment variables for API keys
  • Never commit API keys to version control
  • Use HTTPS in production
  • Regularly review your API usage

Thank you for helping keep @buildlayer/ai-react secure! 🔒

There aren't any published security advisories