Skip to content

Security: YSCJRH/GPTprice

Security

SECURITY.md

Security Policy

Reporting

Do not publish secrets, tokens, account data, order data, payment data, private repository links, or sensitive screenshots in issues or pull requests.

If you find a security issue, use GitHub private vulnerability reporting if it is enabled. For non-sensitive documentation or configuration hardening, a public issue is acceptable, but do not include exploit payloads, secret values, private repository names, or account details. If a secret was exposed, rotate it outside this repository before discussing the incident.

Project Scope

GPTprice is a static GitHub Pages site. It does not require API keys, authentication, a backend, user uploads, or a database.

Accepted public data should use official public URLs, clearly attributed third-party indexes, or redacted evidence with private data removed.

There aren't any published security advisories