Security

Responsible disclosure.

BeforePaste handles sensitive local clipboard workflows. Reports that affect local redaction, target matching, installer integrity, or update safety are treated as security issues.

Report a vulnerability

Email security@beforewire.com with a concise description, affected version or commit, reproduction steps, and expected impact.

In scope

• Clipboard content exposure outside the user's local machine.
• Incorrect AI-target matching that causes unsafe raw paste behavior.
• Installer, release, or update-channel integrity issues.
• Unexpected persistence of clipboard contents.

Out of scope

• Generic AI model behavior after redacted content has been pasted.
• Issues that require a compromised operating system account.
• Denial-of-service reports without a security impact.