If you discover a security vulnerability in dotdog, please report it privately. Do not open a public issue.
Email: security@specdog.dev (or open a private security advisory on GitHub)
We will respond within 48 hours and work on a fix.
| Version | Supported |
|---|---|
| 0.4.x | Yes |
| < 0.4.0 | No |
- MCP server input validation
- Path traversal in file operations
- YAML injection in .dog files
- Token savings calculation integrity