# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 0.1.x   | :white_check_mark: |

## Authorized Use

Ghost is designed for:
- Authorized security testing
- Defensive security operations  
- CTF challenges
- Security research and education

## Reporting Vulnerabilities

**Do NOT** open public issues for security vulnerabilities.

Contact: Create a private security advisory on GitHub

### Response Timeline

- Acknowledgment: 48 hours
- Initial assessment: 1 week
- Critical fixes: 7 days
- High priority: 30 days

## Security Best Practices

- Test only in authorized environments
- Run with minimum privileges
- Keep Ghost updated
- Sanitize logs before sharing
- Follow responsible disclosure

## Known Limitations

- Advanced malware may evade detection
- Kernel rootkits not detectable
- Platform-specific limitations
- Performance overhead on production systems

Thank you for helping keep Ghost secure!