Currently, only the latest version of Navi receives security updates.
| Version | Supported |
|---|---|
| Latest | ✅ |
The Navi team takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings.
Please do NOT report security vulnerabilities through public GitHub issues.
Instead, please send an email to: brunoqgalvao@hotmail.com
You should receive a response within 48 hours. If you don't, please follow up via the same email address.
Please include as much of the following information in your report as possible:
- Description of the vulnerability
- Steps to reproduce the issue
- Affected versions of Navi
- Impact of the vulnerability
- Proof of concept (if applicable)
- Suggested fix (if you have one)
- Confirmation: We'll confirm receipt of your report within 48 hours
- Evaluation: We'll investigate the issue and determine severity
- Resolution: We'll work on a fix and coordinate disclosure with you
- Disclosure: We'll announce the fix when it's available
When developing with or using Navi:
- Never commit API keys or secrets to version control
- Use
.env.examplefiles as templates (don't include real values) - Keep dependencies updated - run
bun updateregularly - Review permissions - only grant necessary permissions
- Use official releases - download from verified sources
Navi uses npm packages managed via Bun. We:
- Monitor for security advisories
- Update dependencies when vulnerabilities are disclosed
- Audit dependencies regularly with
bun audit
Navi integrates with various services. Each service manages its own security:
- Anthropic Claude - Enterprise-grade AI with SOC 2 compliance
- Cloudflare - DDoS protection and edge security
- Tauri - Rust-based security for desktop apps
Navi stores:
- Chat sessions - Locally in SQLite database (
~/.claude-code-ui/data.db) - API keys - In memory only (never logged or transmitted except to the intended service)
- Project settings - Locally in
.claude/directories - Credentials - Encrypted at rest for OAuth integrations
No data is sent to external servers except:
- API requests to Anthropic for Claude (required for functionality)
- Optional cloud services you explicitly configure
The Tauri desktop app:
- Code signing - macOS binaries are signed and notarized
- Sandboxing - Limited system access via Tauri permissions
- Updates - Delivered via Tauri's secure updater
- API keys are never logged to console or files
- OAuth tokens stored in encrypted database
- Environment variables are the preferred method for secrets
- Terminal/PTY runs in isolated processes
- File operations respect system permissions
- Browser automation (Playwright) runs in sandboxed context
- WebSocket connections use WSS when available
- API requests over HTTPS only
- No plaintext credentials in network traffic
Formal security audits:
| Date | Auditor | Scope | Report |
|---|---|---|---|
| TBD | TBD | TBD | TBD |
We follow Coordinated Vulnerability Disclosure:
- Report is received and acknowledged
- We investigate and develop a fix
- Fix is tested and validated
- Security advisory is published
- Users are notified to update
- Critical (CVSS 9.0+): Disclosure within 7 days of fix
- High (CVSS 7.0-8.9): Disclosure within 14 days of fix
- Medium (CVSS 4.0-6.9): Disclosure within 30 days of fix
- Low (CVSS 0.1-3.9): Disclosure in next release
- Credential leakage - Keys never exposed in logs or errors
- Code injection - Input validation and sandboxing
- Data exposure - Local-only storage by default
- Supply chain - Dependency audits and verified releases
- Physical access to your device
- Compromised OS or system libraries
- User willingly running malicious code in terminal
- Compromised Anthropic API account
For security questions not related to vulnerability reports:
- GitHub: Use Security Discussions
- Email: brunoqgalvao@hotmail.com
Thank you for helping keep Navi secure! 🔒