Files
wehub-resource-sync 8cb1f9f479
Publish SDK (PyPI) / publish (push) Waiting to run
Publish SDK (npm) / publish (@aionui/officecli-sdk) (push) Waiting to run
Publish SDK (npm) / publish (@officecli/officecli-sdk) (push) Waiting to run
Publish SDK (npm) / publish (@officecli/sdk) (push) Waiting to run
Publish SDK (npm) / publish (officecli-sdk) (push) Waiting to run
SDK smoke / smoke (windows-latest) (push) Waiting to run
SDK smoke / smoke (macos-latest) (push) Waiting to run
SDK smoke / smoke (ubuntu-latest) (push) Waiting to run
Skill parity / diff (push) Waiting to run
chore: import upstream snapshot with attribution
2026-07-13 13:09:29 +08:00

26 lines
879 B
Markdown

# Security Policy
## Reporting a Vulnerability
OfficeCLI reads and writes `.docx`, `.xlsx`, and `.pptx` files, which may come
from untrusted sources. If you discover a security vulnerability, please report
it privately — **do not open a public issue**.
Preferred channel: use GitHub's private vulnerability reporting on this
repository (the **Security → Report a vulnerability** tab). This keeps the
report confidential until a fix is available.
Please include:
- A description of the issue and its impact
- Steps to reproduce (a minimal sample file is ideal)
- The OfficeCLI version (`officecli --version`) and your OS
We aim to acknowledge reports within a reasonable timeframe and will coordinate
a fix and disclosure with you.
## Supported Versions
Security fixes are applied to the latest released version. Please upgrade to the
latest version before reporting.