Tow is created by Murry Jeong (comchangs) and supported by neurosam.AI. We take security seriously.

Please do NOT report security vulnerabilities through public GitHub issues.

Instead, please report them via email to:

oss@neurosam.ai

Please include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

• Acknowledgment: Within 48 hours
• Assessment: Within 1 week
• Fix & Disclosure: Coordinated with reporter

When using Tow, please follow the security guidelines in our documentation:

• Never commit SSH keys or passwords to tow.yaml
• Use environment variables (${VAR}) for sensitive values
• Add tow.local.yaml to .gitignore
• Enable branch policies for production environments
• Maintain ~/.ssh/known_hosts for host key verification

_neurosam.AI