llm-kernel 0.15.0

Foundation library for Rust AI-native apps — provider catalog, LLM client, MCP server, search, telemetry, and safety
Documentation
# Security Policy

## Supported Versions

Until a 1.0 release, security fixes land on the latest published minor and are
not backported to earlier `0.x` versions.

| Version  | Supported |
| -------- | --------- |
| 0.13.x   ||
| < 0.13   ||

## Reporting a Vulnerability

We take security vulnerabilities seriously. If you discover a security issue:

1. **Do not** open a public GitHub issue
2. Email security concerns to the maintainers via GitHub's private vulnerability reporting
3. Include:
   - Description of the vulnerability
   - Steps to reproduce
   - Potential impact
   - Suggested fix (if available)

## Response Timeline

- **Acknowledgment**: Within 48 hours
- **Initial assessment**: Within 5 business days
- **Patch target**: Within 90 days

## Dependency Security

We use `cargo audit` in CI to scan for known vulnerabilities in dependencies.

## Secret Scanning

We use [gitleaks](https://github.com/gitleaks/gitleaks) in CI to detect accidentally committed secrets, API keys, and credentials.