If you discover a security vulnerability, please report it responsibly:
- Do NOT open a public issue for security vulnerabilities
- Email the maintainer at: srinathsankara@users.noreply.github.com
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You should receive a response within 48 hours.
- This application runs locally — no data is sent to external servers
- Uploaded images are stored locally in the
uploads/directory - Analysis results are stored in local SQLite databases
- No patient data leaves your machine
- The application is not a medical device
- No authentication system is currently implemented
- BLE sensor communication relies on the
bleaklibrary - Model files are downloaded from Google's CDN on first run
- Run the application in a secure, local environment
- Do not expose the Flask development server to the internet
- Use a production WSGI server (Gunicorn, uWSGI) for deployment
- Keep dependencies updated
- Do not commit database files or uploaded images to version control
| Version | Supported |
|---|---|
| 1.0.x | Yes |
| < 1.0 | No |
Security updates will be released as patch versions and announced in the Releases page.