Trust & Security

Security is a design choice here, not a bolt-on. The whole architecture minimizes what could ever go wrong with your data.

Privacy by architecture

• Local-first. There is no central database of user résumés, applications, or job history — so there is no honeypot to breach. Your data lives on your machine.
• No telemetry or tracking. The app phones nobody home; the website sets no analytics or advertising cookies.
• You own deletion. Every record is deletable in-app, or by removing the local database / config files.

Secrets handling

• API keys and credentials live only in your local .env.
• Secret fields are configured to never appear in logs or object reprs, and are masked in the UI.
• API responses never echo raw keys, and never leak exception or stack-trace detail to clients.

Supply-chain & code security

Every change runs through automated gates in CI before it can merge:

• CodeQL static analysis (SAST) — currently 0 open alerts.
• gitleaks secret scanning.
• pip-audit dependency vulnerability scanning.
• License compliance check (strong-copyleft dependencies blocked).
• OpenSSF Scorecard and the OpenSSF Best Practices badge.
• Pinned dependencies (Docker base + tools by digest) and reproducible uv.lock builds.
• Strict typing (mypy --strict) and 450+ automated tests.

Responsible disclosure

Found a vulnerability? Please report it privately via our GitHub Security page or by emailing harshitwandhare45@gmail.com — see SECURITY.md. Please don’t open public issues for security reports.

Open source = auditable

You don’t have to take our word for any of this. The entire codebase is public and MIT-licensed — read it, run it, and verify the privacy claims yourself at github.com/harshitwandhare/job-sentinel. For our regulatory posture, see the Compliance page.