| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0 | ❌ |
If you discover a security vulnerability in ClawBird, please report it responsibly:
- DO NOT create a public GitHub issue
- Email: security@clawbird.dev (or create a placeholder email)
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will:
- Acknowledge receipt within 48 hours
- Provide a timeline for a fix
- Credit you in the security advisory (if desired)
When using ClawBird:
- Never commit credentials or sensitive data
- Use environment variables for configuration
- Run browser in isolated profile
- Be cautious with
--disable-web-securityflag - Review workflows before execution