| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability within snip, please send an email to the maintainer. All security vulnerabilities will be promptly addressed.
Please include the following:
- Type of vulnerability
- Full paths of source file(s) related to the vulnerability
- Location of the affected source code
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue
- Acknowledgment: Within 48 hours, you'll receive acknowledgment of your report
- Timeline: We aim to provide a timeline for when the vulnerability will be addressed
- Updates: You'll be notified of the fix and when a new version is released
When using snip:
- Review before running — Always preview snippets before execution
- Trusted sources only — Only run snippets from trusted sources
- GitHub tokens — Never commit GitHub tokens to your snippets
- Local storage — Snippets are stored locally in
~/.snip/by default
snip is designed to:
- Save and execute your own code snippets
- Search and organize reusable commands
- Share snippets via GitHub Gists (with your consent)
- Executing malicious code
- Storing credentials or secrets
- Automating unauthorized access
- Any use that violates applicable laws
Thank you for helping keep snip and its users safe!