Skip to content

Security: jananadiw/spinespy

SECURITY.md

Security Policy

Supported Versions

Version Supported
latest

Reporting a Vulnerability

If you discover a security vulnerability, please report it privately:

  1. Do not open a public issue
  2. Email the maintainer or use GitHub's private vulnerability reporting
  3. Include details about the vulnerability and steps to reproduce

We will respond within 48 hours and work with you to understand and address the issue.

Security Considerations

SpineSpy processes all images locally on your device. No data is sent to external servers. The app requires:

  • Camera access: For posture monitoring snapshots
  • No network access: All AI processing is done locally

Updates

Security updates will be released as soon as possible after a vulnerability is confirmed.

There aren't any published security advisories