Security Policy

If you find a security issue in Reasonix, please report it privately rather than opening a public issue or discussion thread.

How to report

Email 359807859@qq.com with:

• a clear description of the issue
• steps that reproduce it (a minimal repro is fine)
• the version (reasonix --version) and platform you observed it on

You'll get an acknowledgement within a few days, and a fix or mitigation as soon as the maintainer can land it. If you'd like attribution in the release notes when the fix ships, say so in your report — the default is a quiet patch.

Supported versions

Only the latest published minor of reasonix on npm is actively maintained. If you're on something older, please reproduce on the latest before reporting.

Scope

In scope:

• The published reasonix npm package and its CLI / TUI
• The dashboard SPA shipped under dashboard/ and the local HTTP server that serves it
• The shell sandbox, edit gate, and tool dispatcher in src/

Out of scope:

• Third-party MCP servers attached via --mcp (report to those projects)
• Misconfiguration of the user's own DeepSeek API key, environment, or shell profile
• Vulnerabilities in upstream Node.js or in the DeepSeek API itself
• Denial-of-service via deliberately oversized prompts or tool inputs (Reasonix is a single-user CLI; there's no multi-tenant boundary to defend)

Hardening notes

A few practical reminders for users running Reasonix:

• API keys live in ~/.reasonix/config.json. Treat that file like any other credential store.
• run_command and the ! shell shortcut respect a permission allowlist; the safe default is ask on anything not pre-approved. Don't set editMode: yolo on machines that hold secrets you'd regret leaking.
• Hooks (PreToolUse, etc.) execute arbitrary shell scripts the user has configured. Audit .reasonix/settings.json before running Reasonix in a directory you didn't author.