@takk/tokenforecast is a stable (1.0.0), zero-runtime-dependency cost
forecaster that runs entirely inside your own process. We take security reports
seriously and aim to acknowledge each one within two business days.
Each published version follows strict SemVer (see
SPEC.md
and
.github/RELEASING.md).
Only the latest minor of the current major receives security patches; an older
major receives critical-CVE fixes for 6 months after the next major lands.
| Package | Supported |
|---|---|
@takk/tokenforecast |
current latest dist-tag |
Please do not file public GitHub issues for security problems. Send reports
to davcavalcante@proton.me (preferred) or say@takk.ag (Takk relay),
with the subject line beginning [SECURITY].
Include, at minimum:
- Affected version (
npm ls @takk/tokenforecast). - Reproduction steps or a minimal proof-of-concept.
- Impact assessment (what an attacker can achieve).
- Any suggested mitigation.
PGP or signed reports are welcome but not required. If you need an out-of-band channel, ask in the first message and we will propose one.
- Acknowledgement within 2 business days.
- Triage and severity assignment within 7 days.
- Fix targeted for the next release; critical issues ship as an out-of-band patch on the affected minor.
- Coordinated disclosure: the reporter is credited in the changelog and advisory unless they request anonymity.
Findings in any of the following are in scope:
- Input integrity. Any crafted event stream, series, or option that makes
the engine produce
NaNorInfinity, throw an uncaught error from a documented entry point, enter an unbounded loop, or silently return a misleading forecast that could drive a wrong budget decision without the honest interval or backtest reflecting the uncertainty. - Cost-data exposure. Token Forecast holds the cost events you record in process memory, which may carry your feature, user, or tenant identifiers. By design it makes zero outbound network calls and persists nothing. Any path that exfiltrates that data beyond your process, or smuggles it into a thrown error, is in scope.
- Scenario and price-book handling. Any path through
simulate,repriceEvents, ordetectPriceShiftsthat misattributes cost or leaks the caller-supplied price book outside the call. - Supply chain. Tarball contamination, a compromised npm scope, or a published artifact whose provenance attestation does not match the source commit.
- Forecast accuracy. A forecast being wrong is not a vulnerability. Token Forecast ships an explicit prediction interval and a backtested error on every result; the band, not the point, is the contract. A bad cold-start prior you supply produces a bad forecast (garbage in, garbage out).
- The custody of your cost data before it reaches the library (your application, your storage), which is the operator's responsibility.
- Denial of service via unbounded event arrays against your own application; input sizing remains the operator's responsibility.
- The behavior, pricing, or billing of the LLM providers whose spend you record.
- Zero required runtime dependencies. The transitive-dependency attack
surface is eliminated for every shipped bundle, including the edge build and
the CLI. The optional
@takksibling peers are resolved only when their bridge is imported. - Provenance. Every release is published with
npm publish --provenance(SLSA attestation by GitHub Actions). Verify withnpm view @takk/tokenforecast@<version> --json | jq .dist.attestations. - Lockfile committed.
pnpm-lock.yamlis tracked in git for reproducible installs.