Skip to content

Security: sumelabs/sume-cli

Security

SECURITY.md

Security Policy

Please do not open public GitHub issues for suspected vulnerabilities.

Report security issues to security@sumelabs.com with:

  • affected command or API route,
  • Sume CLI version,
  • operating system,
  • sanitized reproduction steps,
  • whether API keys, signed URLs, or private media may be involved.

Do not include raw API keys, signed/private URLs, raw provider payloads, or private user media in the report. If sensitive material is required to reproduce the issue, describe what is needed first and wait for a secure exchange path.

Sume CLI is a public API wrapper. It should not bypass Sume workspace access, billing, credit usage, queues, or provider boundaries.

There aren't any published security advisories