Skip to content

Security: wimi321/timet

Security

SECURITY.md

Security Policy

Scope

Timet is an offline-first strategy app with native mobile bridges, local model execution, and bundled knowledge packs. Please report vulnerabilities responsibly.

Reporting

Until a dedicated security inbox exists, prefer a private GitHub security advisory. If that is unavailable, open a minimal issue without sensitive exploit details and note that you need a private follow-up channel.

What To Include

  • Affected platform and OS version
  • Device model
  • Reproduction steps
  • Impact summary
  • Whether the issue affects local inference, native permissions, bundled knowledge delivery, or prompt / session handling

Response Goals

  • Acknowledge receipt quickly
  • Reproduce and assess severity
  • Patch or mitigate before publishing full details

Out Of Scope

  • General disagreements about fictional route quality without a concrete security flaw
  • Third-party upstream issues with no Timet-specific impact

There aren't any published security advisories