| Version | Supported |
|---|---|
| 0.2.x | ✅ Active |
| 0.1.x | |
| < 0.1 | ❌ Not supported |
If you discover a security vulnerability in ContextOps, please email [security@contextops.dev] (replace with your real address) instead of opening a public issue.
We will:
- Acknowledge receipt within 48 hours.
- Investigate and produce a fix within 14 days for critical issues.
- Coordinate disclosure with you before publishing any CVE or advisory.
- Code execution from a malicious prompt file (
.json/.jsonldataset). - SQLite injection via untrusted metadata fields.
- Path traversal in the local logger DB path.
- Sensitive data leakage through the LiteLLM auto-callback (e.g. logging prompts that contain user PII to a world-readable
~/.contextops/calls.db). - Dependency vulnerabilities (run
pip-auditregularly).
- Bugs in prompt optimization (wrong section order, bad cache estimates) — file a regular issue.
- API rate-limit issues with Ollama / OpenRouter — those are provider-side.
- Set
chmod 600 ~/.contextops/calls.dbif you log sensitive prompts. - Use
EchoJudgein CI; never run real judges against untrusted input. - Pin ContextOps in production:
contextops-tool==0.3.0notcontextops-tool>=0.3. - Review the
metadatafield of everyCallLogbefore sharing logs.