Skip to content

Security: KayKaspers/Nova-Development-Framework

Security

SECURITY.md

Security Policy

Reporting Security Issues

Security issues should be handled carefully and not exposed publicly before they are understood.

Sensitive Data

Never commit:

  • passwords
  • API keys
  • private tokens
  • SSH keys
  • personal data
  • production secrets

AI Safety

AI tools must not be allowed to execute destructive repository operations without human review.

Repository Safety

High-risk operations require human control:

  • force push
  • reset
  • rebase
  • clean
  • branch deletion
  • tag deletion

Security Review

Security-relevant changes should include:

  • affected files
  • risk assessment
  • mitigation
  • testing or validation steps

There aren't any published security advisories