Only the latest release is supported with security updates.

If you discover a security vulnerability in Prompt Studio, please report it responsibly by emailing security@lightbridgelab.com rather than opening a public issue.

Please include:

• A description of the vulnerability
• Steps to reproduce the issue
• Any relevant logs or screenshots

You can expect an initial response within 7 days. Since this is a small, independently maintained project, fixes will be addressed on a best-effort basis.

Prompt Studio is a local-first desktop application. The following areas are in scope:

• Local file system access beyond what the user has authorized
• Credential or API key exposure
• Remote code execution
• Tauri IPC and webview security boundaries

Out of scope:

• Vulnerabilities in upstream dependencies already reported to their maintainers
• Issues requiring physical access to the user's machine
• Social engineering attacks