interpretthis 0.2.0

Sandboxed Python AST interpreter for untrusted and LLM-generated code
Documentation
# Security Policy

## Supported versions

Security fixes are accepted against the latest published release of
`interpretthis` on crates.io / the default branch of this repository.

## Reporting a vulnerability

Please **do not** open a public issue for security vulnerabilities.

Report privately by either:

1. **GitHub Security Advisories** on this repository
   (Security → Advisories → New draft security advisory), or
2. **Email** [security@moderately.ai]mailto:security@moderately.ai

Prefer private channels so maintainers can coordinate a fix before disclosure.

Include:

1. A description of the issue and its impact
2. Steps to reproduce (minimal Python snippet preferred)
3. Affected version / commit if known

You should receive an acknowledgement within a few business days.

## Scope notes

`interpretthis` is a **sandboxed AST interpreter**, not a general-purpose
Python runtime. See [`THREAT_MODEL.md`](../THREAT_MODEL.md) for the
intended attacker model (adversarial / prompt-injected LLM output) and
the constructs that are intentionally rejected or resource-bounded.

Reports that rely on host-injected tools (network, filesystem, process
spawning) are out of scope for this crate — those are host trust-boundary
issues. Reports that escape the sandbox *without* a host tool (e.g. via
blocked dunders, import of disallowed modules, or resource-limit bypass)
are in scope.