UNPKG

tiny-ai-api

Version:

A customizable and extensible client api for managing conversations and AI interactions, currently supporting the **Google Gemini** API β€” with flexibility to support any similar AI APIs.

github.com/JasminDreasond/Tiny-AI-API

JasminDreasond/Tiny-AI-API

59 lines (35 loc) β€’ 2.04 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# πŸ” Security Policy ## πŸ›  Supported Versions We provide security updates for the latest published version of this package: | Version | Supported | |----------------|-----------| | latest (`npm`) | βœ… | | older versions | ❌ | If you’re using an older version, we highly recommend updating to the latest version available on [npm](https://www.npmjs.com/package/tiny-ai-api). --- ## πŸ“£ Reporting a Vulnerability If you discover any security vulnerability in **tiny-ai-api**, **please report it responsibly and privately**. To report a vulnerability, use one of the following methods: - πŸ“§ **Email:** `tiny@puddy.club` - πŸ›‘οΈ **GitHub Security Advisories:** Use the "Report a vulnerability" feature on the repository page. We ask you **not to disclose vulnerabilities publicly** before we have had a chance to investigate and release a fix. We aim to respond to valid reports within **72 hours** and will try to release a fix within **7 working days**, depending on complexity and impact. --- ## πŸ“ Disclosure Process 1. You report a security issue privately. 2. We confirm the vulnerability and begin internal investigation. 3. A patch is prepared, tested, and released. 4. A public disclosure and GitHub Security Advisory may be published. 5. If you request it, we will credit you as the reporter (unless anonymity is preferred). --- ## πŸ”’ Notes on Security Scope This library is a client-side wrapper for AI session handling and **does not include internal protections for high-throughput usage or sensitive environments**. ### ⚠️ Use Caution In: - Production environments handling confidential data. - Systems requiring automated token usage monitoring (not provided by default). - Multi-user contexts where sandboxing is essential. Users are expected to implement external validations and logic where necessary. --- ## πŸ™ Thank You Thanks for helping us make **tiny-ai-api** a safer and more reliable project! πŸ’™ Your contribution to open-source security matters.