At Promptbook, we take security seriously. This document outlines our security policy, including how to report vulnerabilities and which versions we actively support with security updates.
We maintain security updates for the following Promptbook versions:
| Version | Supported |
|---|---|
| Latest | ✅ |
| < Latest | ❌ |
Security patches are applied to the most recent major version. We strongly recommend keeping your Promptbook installation updated to the latest version.
If you discover a security vulnerability in Promptbook, please:
- Report privately: Email us at [email protected]
- Include details: Provide a clear description of the vulnerability and steps to reproduce
- Wait for confirmation: We'll acknowledge your report within 48 hours
Please do not disclose security vulnerabilities publicly until we've had the opportunity to address them.
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 1 week
- Remediation Plan: Within 2 weeks
- Security Patch: Timeline varies based on complexity
Once a vulnerability is confirmed and addressed, we work with reporters to coordinate an appropriate disclosure timeline. We appreciate your collaboration in keeping our users secure.
When using Promptbook:
- Keep your installation up to date
- Use strong authentication mechanisms
- Follow the principle of least privilege when configuring access
- Review our documentation for security recommendations