Thank you for helping us keep Claude Code Templates and the systems they interact with secure.
This project is maintained by Daniel Avila.
The security of our CLI tool and the templates it generates is our top priority. We appreciate the work of security researchers acting in good faith in identifying and reporting potential vulnerabilities.
If you discover a security vulnerability in Claude Code Templates, please report it to us in one of the following ways:
- Send details of the vulnerability to [email protected] with the subject line "SECURITY: Claude Code Templates Vulnerability Report".
- You can also report vulnerabilities through GitHub Security Advisories for this repository.
To help us understand and resolve the issue quickly, please include:
- Description: A clear description of the vulnerability
- Impact: What an attacker could achieve by exploiting this vulnerability
- Steps to Reproduce: Detailed steps to reproduce the vulnerability
- Affected Versions: Which versions of the CLI tool are affected
- Environment: Operating system, Node.js version, and any other relevant details
- Proof of Concept: If possible, include a minimal example demonstrating the vulnerability
When using Claude Code Templates:
- Keep Updated: Always use the latest version via `npx claude-code-templates@latest`
- Review Templates: Check generated files before committing to your repository
- Audit Hooks: Review automation hooks before enabling them
- Secure Environment: Use the tool in a secure development environment
- Dependency Scanning: Run `npm audit` before submitting changes
- Input Validation: Validate all user inputs and file paths
- Secure Defaults: Choose secure defaults for all template configurations
- Code Review: All changes undergo security-focused code review
- Maintainer: Daniel Avila
- Website: danielavila.me
- Email: [email protected]
- GitHub: @davila7
This security policy is designed to encourage responsible security research. We will not pursue legal action against researchers who:
- Act in good faith
- Follow responsible disclosure practices
- Do not access or modify user data
- Do not perform testing on systems they do not own
- Report vulnerabilities through the channels described above
Thank you for helping keep Claude Code Templates secure!