Security Guidelines

Networking tools and hotspot management require careful defaults and hygiene.

Defaults & recommendations

  • Prefer WPA2/WPA3 for hotspots; avoid OPEN unless you fully understand the risks

  • Enforce strong passwords (12+ chars) and recommend generate-password

  • Validate and sanitize user input in CLI and HTTP routes

  • Least-privilege: only elevate when required (hotspot start/stop)

Threat considerations

  • Injection through crafted network data or CLI args

  • SSRF/CSRF risks in HTTP microservices; lock down origins and routes

  • Untrusted plugins: only install signed or reviewed packages

Operational practices

  • Documented deprecation and change policy to avoid surprise breakage

  • Security audit/review before 1.0; consider community bug bounty

  • Rotate hotspot credentials and monitor connected devices

Report issues

If you discover a vulnerability, please open a private security advisory on GitHub or email the maintainer listed in the project metadata.