Skip to content

Security: GhravenLabs/Mini-RAG

Security

SECURITY.md

Security Policy

Mini-RAG is a public portfolio demo for retrieval-augmented generation. Do not use it with secrets, passwords, private client documents, or sensitive personal data.

Reporting

Please report suspected security issues privately by email:

Include the affected file or command, what you expected, what happened, and reproduction steps if possible.

Scope

In scope:

  • Source code in this repository
  • Example data and documented commands
  • GitHub Actions workflows in this repository

Out of scope:

  • Third-party model providers
  • User-provided documents or prompts
  • Issues requiring access to private accounts or credentials

Please do not include secrets or private documents in bug reports.

There aren't any published security advisories