If you discover a security vulnerability, please report it responsibly:
- Do NOT open a public issue
- Report via GitHub Security Advisory

We will respond within 48 hours and work with you to understand and address the issue.

auto-memory is a read-only query tool. It does not write to any database or modify any files. However, it reads from a local SQLite database that may contain conversation history, so:
- Never log or transmit database contents externally
- Sanitize all output displayed in terminals (we strip ANSI escape sequences)
- Validate all user input before passing to SQL queries (parameterized queries only)
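
The three guidelines above combined in one place, as an added Python example that is not auto-memory's own code: a read-only SQLite connection, a parameterized `LIKE` search, and output stripped of terminal escape sequences. The `messages` table, its `content` column, the function names and the sample rows are all constructed for illustration.

```python
import re
import sqlite3
import tempfile
from pathlib import Path

# CSI sequences, OSC sequences (ended by BEL or ST), then other two-byte ESC sequences.
ANSI_RE = re.compile(r"\x1b\[[0-?]*[ -/]*[@-~]|\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)|\x1b[@-Z\\-_]")
# Any remaining control character except tab and newline (includes a lone ESC and CR).
CTRL_RE = re.compile(r"[\x00-\x08\x0b-\x1f\x7f]")


def sanitize(text):
    """Strip escape sequences and control characters before text reaches a terminal."""
    return CTRL_RE.sub("", ANSI_RE.sub("", text))


def open_read_only(path):
    """Open with URI mode=ro so SQLite itself refuses writes on this connection."""
    return sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)


def search(conn, term, limit=20):
    """Substring search; the term is bound as a parameter, never formatted into SQL."""
    # Escape LIKE wildcards so user input only ever matches literally.
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    rows = conn.execute(
        "SELECT content FROM messages WHERE content LIKE ? ESCAPE '\\' LIMIT ?",
        (f"%{escaped}%", limit),
    )
    return [sanitize(row[0]) for row in rows]


def build_sample_db():
    """Constructed sample data; two rows carry terminal escape sequences."""
    path = Path(tempfile.mkdtemp()) / "sample.db"
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE messages (content TEXT)")
    conn.executemany("INSERT INTO messages VALUES (?)", [
        ("deploy notes \x1b[31mred\x1b[0m text",),
        ("title \x1b]0;spoofed\x07 change",),
        ("100% done",),
        ("unrelated",),
    ])
    conn.commit()
    conn.close()
    return str(path)


if __name__ == "__main__":
    print(search(open_read_only(build_sample_db()), "deploy"))
```

Opening with `mode=ro` makes the read-only property something SQLite enforces rather than something the code merely promises, so a stray write statement fails with `sqlite3.OperationalError`.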