Security: aks-builds/clausa

SECURITY.md

Security Policy

Clausa handles sensitive documents (insurance policies contain PII such as SSN, DOB, VIN, and financial details). We take security and privacy seriously.

Reporting a vulnerability

Please do not open a public issue for security or privacy vulnerabilities.

Instead, report privately via GitHub's security advisory ("Report a vulnerability"). Include:

  • a description of the issue and its impact,
  • steps to reproduce (use synthetic data only — never real PII),
  • affected version/commit, and any suggested fix.

We aim to acknowledge reports within a few days and to address confirmed issues promptly. Please give us reasonable time to fix before any public disclosure.

Scope — what we especially care about

  • PII leakage — any path where personal identifiers reach a model, a log, a stored artifact, or the network when they should have been masked.
  • Exfiltration — any way the skill or the local server could send document contents off the machine beyond the user-configured local model endpoint.
  • Injection — crafted PDF content that escapes intended handling.

Out of scope

  • Issues that require a compromised host, or a malicious local model that the user themselves configured.
  • The lack of formal trademark/legal review (not a security matter).

Good handling practices for users

  • Prefer a local model; in remote mode only de-identified text is sent.
  • Treat anything in a --keep-full artifact as containing PII and delete it.
  • Never paste raw policy documents into third-party services.

There aren't any published security advisories