constellation is pre-1.0. Only the latest released version receives
security fixes. If you are on an older release, please update first.
| Version | Status |
|---|---|
| 0.1.x | actively supported |
| < 0.1.0 | not supported |
Do not open a public issue for security findings.
Please use GitHub's private vulnerability reporting:
- Go to https://github.com/intjiraya/constellation/security
- Click Report a vulnerability
- Fill in the form with what you found and how to reproduce it
If GitHub's form is unavailable, send a direct message on Discord to
@nugget.waffle.
- A short description of the issue.
- Steps to reproduce, ideally a minimal proof-of-concept.
- The version (`cchats --version`), OS, and any relevant config (`--host`, `--root` overrides, custom env).
- The impact you observed and the impact you believe is possible.
- An acknowledgement within 7 days.
- A fix plan or a decision within 14 days.
- Public disclosure coordinated with you, typically alongside the patch release. Reporters are credited in the release notes unless they ask otherwise.
constellation is a single-user local tool. The boundaries we defend are:
- The loopback HTTP / WebSocket surface (origin-checked, default-deny CSP, vendored scripts, no third-party network).
- Spawned `claude` child process (explicit env allowlist, cwd guard, bounded reap).
We do not defend against:
- An attacker with read access to `~/.claude/projects/` (they already have the chat content).
- An attacker with execute access to the user's account (they can run `claude` directly).
- Vulnerabilities in `claude` itself (please report those to Anthropic).
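The three controls named in the defended boundaries above (loopback origin check, explicit env allowlist, cwd guard), shown as an added example that is not constellation's own code; the loopback host set, the allowlist contents and the root directory are assumptions made for the illustration.

```python
# Added illustration of the loopback-origin check, the env allowlist and the
# cwd guard listed above; not constellation's own code. The host set, the
# allowlist contents and the root directory are assumptions for the example.
import os
from urllib.parse import urlsplit

LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}
ENV_ALLOWLIST = ("PATH", "HOME", "LANG", "TERM")  # assumed allowlist

def is_allowed_origin(origin, port):
    """Default-deny Origin check for HTTP requests and WebSocket upgrades.

    Browsers attach Origin to cross-site requests and to every WebSocket
    handshake, so a page served from anywhere else is refused even though
    it can reach 127.0.0.1. Only exactly http://<loopback>:<port> passes;
    other schemes or ports, userinfo in the netloc, "null" and a missing
    header all fail.
    """
    if not origin:
        return False
    parts = urlsplit(origin)
    try:
        actual_port = parts.port
    except ValueError:  # malformed port such as "http://127.0.0.1:abc"
        return False
    return (parts.scheme == "http" and parts.hostname in LOOPBACK_HOSTS
            and actual_port == port
            and not (parts.path or parts.query or parts.fragment))

def child_env(parent_env, extra=None):
    """Explicit allowlist: only the named variables reach the child, so
    tokens or loader/runtime overrides in the user's shell are not inherited."""
    env = {k: parent_env[k] for k in ENV_ALLOWLIST if k in parent_env}
    env.update(extra or {})
    return env

def guarded_cwd(requested, root):
    """Resolve the requested working directory and refuse anything outside root.

    realpath() follows symlinks and collapses '..' first; commonpath() is
    compared for equality, not startswith(), so /srv/proj does not admit
    /srv/project.
    """
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, requested))
    if os.path.commonpath([root_real, target]) != root_real:
        raise ValueError(f"cwd {requested!r} escapes {root!r}")
    return target
```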