Skip to content

Security: KNOWDYN/LGF-Sci

Security

SECURITY.md

Security notes

This is an MVP. It includes password hashing, signed HTTP-only sessions, encrypted credential storage, API key hashing, one-time installer locking, and credit ledger controls.

Before production paid use, perform:

  • full security review
  • penetration testing
  • webhook replay checks
  • database backup policy
  • rate limiting with Redis or provider middleware
  • audit log retention policy
  • admin role review

There aren't any published security advisories