Security Policy

Keeping PinZip secure and trustworthy

Security Advisories

Supported Versions

VersionSupported
1.0.xYes
< 1.0No

Reporting a Vulnerability

Please Do Not:

  • • Open a public GitHub issue for security vulnerabilities
  • • Disclose the vulnerability publicly before it has been addressed

Please Do:

Report via GitHub Security Advisories (preferred)

Report Security Issue

Response Time

  • • Acknowledgment: Within 48 hours
  • • Initial Assessment: Within 7 days
  • • Status Updates: Every 7 days

What to Include

  • • Type of vulnerability
  • • Steps to reproduce
  • • Proof-of-concept code
  • • Impact assessment

Security Features

Manifest V3

Latest Chrome extension standard

Local Processing

No data leaves your browser

No Tracking

Zero analytics or tracking

Strict CSP

Content Security Policy enforced

Security Best Practices

For Users

  • Download from official Chrome Web Store only
  • Keep the extension updated
  • Review permissions before installing
  • Report suspicious behavior

For Developers

  • All code changes require review
  • Keep dependencies updated
  • No user data collection
  • Request minimal permissions

Security Contact

For security concerns, please use:

Security Advisories
Preferred method
GitHub Issues
Non-sensitive discussions