git-paw 0.1.0

Parallel AI Worktrees — orchestrate multiple AI coding CLI sessions across git worktrees
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

# Security Policy

## Supported Versions

| Version | Supported |
|---------|-----------|
| latest  | Yes       |

## Reporting a Vulnerability

If you discover a security vulnerability in git-paw, please report it responsibly.

**Do NOT open a public GitHub issue for security vulnerabilities.**

Instead, please use [GitHub Security Advisories](https://github.com/bearicorn/git-paw/security/advisories/new) to report vulnerabilities privately.

### What to include

- Description of the vulnerability
- Steps to reproduce
- Impact assessment
- Suggested fix (if any)

### Response timeline

- **Acknowledgment**: within 48 hours
- **Initial assessment**: within 1 week
- **Fix or mitigation**: as soon as feasible, depending on severity

## Scope

git-paw is a CLI tool that orchestrates tmux sessions and git worktrees. Security concerns most likely involve:

- Command injection via branch names or CLI arguments
- Unsafe file operations (symlink attacks, path traversal)
- Insecure handling of configuration files

Thank you for helping keep git-paw safe.